A Ping of Death attack is a denial-of-service (DoS) attack, in which the attacker aims to disrupt a targeted machine by sending a packet larger than the maximum allowable size, causing the target machine to freeze or crash. The original Ping of Death attack is less common today. A related attack known as an ICMP flood attack is more prevalent.Is ping of death attack specific to ICMP or could it also happen with other transport protocols?
Asked
Active
Viewed 397 times
3
-
OP said: "Is ping of death attack specific to ICMP or could it also happen with other transport protocols?" ICMP is not a "transport protocol" it is a protocol at the network layer (below the transport layer). That's why, for example, it does not have "port" associated with it. – hft Dec 15 '17 at 00:42
1 Answers
6
The ping of death was caused by a bug in handling invalid packets. Such bugs are not restricted to ICMP but can happen with other protocols too. In fact, the more complex a protocol is the more likely bugs in handling unexpected data will be. For example in 2016 Cisco ASA had a critical bug in which it was possible for an attacker to execute code on the machine (CVE-2016-1287) with a malformed IKE (UDP) packet. Or in 2011 it was possible to DOS the Apache web server with a few crafted HTTP (TCP) requests (CVE-2011-3192). Other examples are the SQL Slammer worm which caused major disruptions of internet traffic in 2003 and could be triggered by a single UDP packet. And there are many more cases.
Steffen Ullrich
- 184,332
- 29
- 363
- 424