Attocco IP fragmentation
A "fragment attack" is a network saturation (denial-of-service) attack that exploits the fragmentation principle of the IP protocol.
The IP protocol is used to fragment large packets into several IP packets each having a sequence number and a common identification number. When receiving data, the recipient reassembles the packets thanks to the offset values they contain.
The most famous fragment attack is the Teardrop attack. The principle of the Teardrop attack involves inserting false offset information into fragmented packets. As a result, during reassembly, there are empty or overlapping fragments that can cause the system to be unstable.
Recent systems are no longer vulnerable to this attack.
Latest update on October 16, 2008 at 09:43 AM by Jeff.