What is a ping of death attack?
Ping of Death (aka PoD) is a type of Denial of Service (DoS) attack in which an attacker attempts to crash, destabilize, or freeze a targeted computer or service by sending malformed or oversized packets using a simple ping command.
PoD attacks exploit legacy weaknesses that may already have been patched in target systems. However, on unpatched systems the attack is still relevant and dangerous. Recently, a new type of PoD attack has emerged. In this attack, the ping flood, the target system is hit by ICMP packets sent in rapid succession via ping without waiting for a response.
How does a ping of death attack work?
The Internet Control Message Protocol (ICMP) echo-reply message, or "ping", is a network utility used to check a network connection. It works like sonar: a "pulse" is sent out, and the "echo" from that pulse gives the operator information about the environment. When the connection is active, the source machine receives a response from the target machine.
While some ping packets are tiny, IPv4 ping packets can be much larger, up to the maximum permitted packet size of 65,535 bytes. Some TCP/IP systems were never designed to handle packets larger than that maximum, making them vulnerable to packets above that size.
When a maliciously large packet is sent from the attacker to the target, the packet is divided into fragments, each below the maximum size limit. When the target machine attempts to reassemble the pieces, the total exceeds the size limit and a buffer overflow is possible, causing the target machine to freeze, crash, or restart.
While ICMP echo can be used for this attack, anything that sends an IP datagram can be used for this exploit. That includes TCP, UDP, and IPX transmissions.
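The reassembly condition described above can be written as a check that a filter or IDS applies to each IPv4 fragment header: the fragment's offset plus its length must not pass 65,535 bytes. This is an added example, not code from the original article; the function name, verdict names, and sample headers are constructed for illustration, and it assumes the fragment's own header length stands in for the reassembled datagram's header.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define IPV4_MAX_DATAGRAM 65535u /* maximum packet size cited in the article */

enum frag_verdict { FRAG_OK, FRAG_MALFORMED, FRAG_OVERSIZE };

/* Decide from one captured IPv4 header whether its fragment would push the
 * reassembled datagram past 65,535 bytes. Only the header must be present in
 * the capture; the checksum is not verified here. */
enum frag_verdict check_fragment(const uint8_t *pkt, size_t caplen)
{
    if (caplen < 20 || (pkt[0] >> 4) != 4)
        return FRAG_MALFORMED;
    uint32_t ihl = (uint32_t)(pkt[0] & 0x0F) * 4;       /* header length */
    uint32_t total = ((uint32_t)pkt[2] << 8) | pkt[3];  /* Total Length field */
    if (ihl < 20 || caplen < ihl || total < ihl)
        return FRAG_MALFORMED;
    uint32_t field = ((uint32_t)pkt[6] << 8) | pkt[7];  /* flags + offset */
    uint32_t offset = (field & 0x1FFF) * 8;             /* 8-byte units */
    /* Where this fragment's last byte lands in the reassembled datagram. */
    uint32_t end = ihl + offset + (total - ihl);
    return end > IPV4_MAX_DATAGRAM ? FRAG_OVERSIZE : FRAG_OK;
}

/* Constructed sample headers (10.0.0.1 -> 10.0.0.2, ICMP, checksum zeroed). */
static const uint8_t SAMPLE_NORMAL[20] = {   /* offset 185*8, 1500 bytes */
    0x45,0x00,0x05,0xDC, 0x00,0x01,0x20,0xB9, 0x40,0x01,0x00,0x00,
    0x0A,0x00,0x00,0x01, 0x0A,0x00,0x00,0x02 };
static const uint8_t SAMPLE_BOUNDARY[20] = { /* offset 8189*8, 23 bytes */
    0x45,0x00,0x00,0x17, 0x00,0x02,0x1F,0xFD, 0x40,0x01,0x00,0x00,
    0x0A,0x00,0x00,0x01, 0x0A,0x00,0x00,0x02 };
static const uint8_t SAMPLE_OVERSIZE[20] = { /* offset 8189*8, 1500 bytes */
    0x45,0x00,0x05,0xDC, 0x00,0x03,0x1F,0xFD, 0x40,0x01,0x00,0x00,
    0x0A,0x00,0x00,0x01, 0x0A,0x00,0x00,0x02 };

int main(void)
{
    printf("normal=%d boundary=%d oversize=%d\n",
           check_fragment(SAMPLE_NORMAL, sizeof SAMPLE_NORMAL),
           check_fragment(SAMPLE_BOUNDARY, sizeof SAMPLE_BOUNDARY),
           check_fragment(SAMPLE_OVERSIZE, sizeof SAMPLE_OVERSIZE));
    return 0;
}
```

Because the check runs on the IP header alone, it applies equally to fragments carrying TCP or UDP, and it rejects the oversized fragment before any reassembly buffer is touched.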
How is a ping of death (PoD) DDoS attack mitigated?
So, how can you prevent a ping of death attack? Let's look at how we can stop ping of death attacks and their variants. One way is to block ICMP ping messages completely at the firewall. However, this is not a long-term way to prevent ping of death, and it has specific drawbacks.
Invalid and malicious packets can also be sent to ports such as FTP, which cannot be blocked for operational reasons. In addition, blocking ping messages also affects legitimate ping usage, which many people still rely on to check whether there is a connection to the network.
The best approach is to filter selectively: block the individual pings flagged for unusual activity while allowing legitimate ping traffic to pass through the network and firewalls without interruption.