Ping of Death The ping of death attack is one of the oldest network attacks. The principle of ping of death simply involves creating an IP datagram whose total size exceeds the maximum authorized size (65,536 bytes). When such a packet is sent to a system with a vulnerable TCP/IP stack, it will cause the system to crash. The Ping of Death attack relied on a bug in the Berkeley TCP/IP stack which also existed on most systems which copied the Berkeley network code. The ping of death was simply sending ping packets. The maximum allowable IP packet size is 65,535 bytes, including the packet header, which is typically 20 bytes long. An ICMP echo request is an IP packet with a pseudo header, which is 8 bytes long. Therefore, the maximum allowable size of the data area of an ICMP echo request is 65,507 bytes (65,535 - 20 - 8 = 65,507). However, many ping implementations allow the user to specify a packet size larger than 65,507 bytes. A grossly oversized ICMP packet can trigger a range of adverse system reactions such as denial of service (DoS), crashing, freezing, and rebooting. The ping of death attack, or PoD, can cripple a network based on a flaw in the TCP/IP system. Since the maximum size for a packet is 65,535 bytes. If one were to send a packet larger than that, the receiving computer would ultimately crash from confusion. Sending a ping of this size is against the rules of the TCP/IP protocol, but hackers can bypass this by cleverly sending the packets in fragments. When the fragments are assembled on the receiving computer, the overall packet size is too great. This will cause a buffer overflow and crash the device.
Posted on: Sun, 09 Mar 2014 09:34:57 +0000
Trending Topics
Recently Viewed Topics
© 2015