Question

It is important to test for the ping of death attack. Explain why this test is predominantly historical, and not necessarily relevant to most modern systems.

Answer 1

The ping of death is a Denial of Service (DoS) attack that causes vulnerable systems to freeze, crash or destabilise. To get the attack started, one sends a malicious data packet to the system. When target system opens the data-packet it encounters an error that causes it to crash or freeze. POD is like a mail bomb: If the recipient opens the package, a mechanism is activated and the target is attacked and in the worst case destroyed.

Fortunately, since 1998 these kinds of attacks have no longer been possible on most devices.Since modern systems are secured against the ping of death, today’s malicious hackers tend to use a ping flood for attacks.

The ping of death is predominantly historical and its test is not relevant for modern systems. Since the attack was discovered in 1997, precautions were made to server and systems to provide the required protection.

• Supplementary checks made sure that the max-size for the packets is not large. Malicious packets are already rejected by the network. Each IP fragment is examined and it must meet the following requirement :

  “FragmentOffset + TotalLength should be less than 65.535 Bytes”, otherwise the packet is rejected.

• Also, the use of a larger memory buffer can help protect against the dreaded buffer overflow.

By following these measures current systems and server softwares are no longer vulnerable to POD attacks .