What is a Ping of Death Attack? How does it work?
What is a Ping of Death Attack?
A Ping of Death (PoD) attack is a type of cyber attack. A hacker can use this method to crash your laptop or server. PoD is also described as a Denial of Service attack. In this method, the hacker sends data packets to a specific device. The device may crash when it cannot handle the data.
How Ping of Death Attack works
Before a PoD attack, the hacker sends a ping to the target machine and receives an echo reply. In this way a connection is made between the source machine and the target machine.
Usually ping packets are very short. The maximum IPv4 ping packet size is 65,535 bytes. But before the attack starts, the hacker sends a packet larger than 110,000 bytes to the target machine.
Some TCP/IP systems cannot handle a packet of this size, so it is split into segments, each smaller than the maximum limit. The target machine then tries to merge these segments. The merged packet exceeds the total packet size limit, causing a buffer overflow. As a result the target machine crashes, freezes or reboots.
This attack can also be transmitted through TCP, UDP and IPX protocols. In general, this attack can be carried out with anything that sends IP datagrams.
How to Reduce Ping of Death DDoS Attacks
There are many ways to prevent Ping of Death DDoS attacks. You can create memory buffers to handle large packets, or you can add checks during the packet reassembly process that will protect the device from large packets.
Devices manufactured after 1998 have nothing to fear from the Ping of Death attack, although some legacy devices still have something to fear.
A new type of Ping of Death attack was discovered in mid-2013 that affected IPv6 packets. But Cloudflare servers can prevent DDoS attacks very well.
Let's see how to prevent a Ping attack:
- Keep software updated: Developers check their software for vulnerabilities and release updates quickly when a problem is found. So update the app/software as soon as you get the update.
- Filter traffic: You can block fragmented pings if you want. As a system administrator, you can also edit just standard pings if you want.
- Watch the packet size: Check packets against the size limit and block packets carrying too much data.
- Use a buffer: Create an overflow buffer that can handle over-sized packets.
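The reassembly-time size check mentioned above, sketched in C as an added example (not code from the original page or from any real network stack; `reasm_ctx`, `reasm_add_fragment` and `check_fragment` are hypothetical names). It rejects a fragment whose offset plus length would push the datagram past 65,535 bytes before anything is copied into the buffer.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IP_MAX_DATAGRAM 65535u      /* largest legal IPv4 datagram, header included */
enum { FRAG_OK = 0, FRAG_BAD_ARG = -1, FRAG_OVERSIZE = -2 };

/* Hypothetical per-datagram reassembly state (illustrative names). */
struct reasm_ctx {
    uint8_t  buf[IP_MAX_DATAGRAM];  /* reassembled payload */
    uint32_t highest_end;           /* end of the furthest byte stored so far */
    uint8_t  hdr_len;               /* IPv4 header length in bytes, 20..60 */
};

/* Check one fragment, then copy it. off_units is the 13-bit fragment
 * offset field, counted in 8-byte units as on the wire. */
int reasm_add_fragment(struct reasm_ctx *ctx, uint16_t off_units,
                       const uint8_t *payload, uint16_t payload_len)
{
    if (!ctx || !payload || off_units > 0x1FFF)
        return FRAG_BAD_ARG;
    /* 32-bit arithmetic: the sum can exceed 65,535 and must not wrap. */
    uint32_t start = (uint32_t)off_units * 8u;
    uint32_t end = start + payload_len;
    /* Reject before touching the buffer if the datagram would be oversized. */
    if ((uint32_t)ctx->hdr_len + end > IP_MAX_DATAGRAM)
        return FRAG_OVERSIZE;
    memcpy(ctx->buf + start, payload, payload_len);
    if (end > ctx->highest_end)
        ctx->highest_end = end;
    return FRAG_OK;
}

/* Constructed sample input: feed one fragment into a fresh context. */
int check_fragment(uint16_t off_units, uint16_t payload_len)
{
    static struct reasm_ctx ctx;
    static uint8_t payload[IP_MAX_DATAGRAM];
    memset(&ctx, 0, sizeof ctx);
    ctx.hdr_len = 20;
    return reasm_add_fragment(&ctx, off_units, payload, payload_len);
}

int main(void)
{
    printf("in-range fragment: %d\n", check_fragment(185, 1480));
    printf("oversize fragment: %d\n", check_fragment(8189, 1480));
    return 0;
}
```

The important detail is that the bound is tested on the computed end position, not on the size of each individual fragment, since every fragment on its own is smaller than the limit.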
What is the ping command?
To know how a Ping of Death attack works, you need to know how ping works. The ping command checks network connectivity; it works like a pulse. The command sends a signal, and the machine then waits for its echo. The replies are echoed using the Internet Control Message Protocol (ICMP).
The ping limit is usually a maximum of 65,535 bytes, beyond which the device may crash. Hackers turn this ping command into a Ping of Death. To do this, they create a simple loop that will continue to send packets over 65,535 bytes to the target device.
The rule of the Internet Protocol (IP) is that it will only send packets of at most 65,535 bytes. When attackers send packets over this size, the target machine cannot handle them and crashes.
Does the Ping of Death still work?
PoD first appeared in the mid-1990s, but it wasn’t until 1998 that hardware manufacturers implemented security measures to prevent it.
You still have reason to fear Ping of Death attacks if:
- You have an old legacy device
- You have an unpatched copy of Windows XP and Windows Server 2013 that have OpenType fonts vulnerabilities.
- Your Windows system has the unpatched kernel driver issue in TCPIP.sys from October 2020.
How to protect companies from Ping of death attacks
To protect the company from such attacks:
- Stop using all pre-1998 legacy devices
- Block ICMP ping messages through firewalls
- Use DDoS protection services
FAQ about Ping of Death
What is Ping of Death Attack?
A Ping of Death attack floods the target machine by sending ICMP ping messages and abnormal data packets.
Still worried about Ping of Death Attack?
All modern hardware has protection against this attack, but it can still happen at any time due to a software or platform vulnerability.
How to save the organization?
Always keep your computer system updated and patched. Avoid legacy equipment. Set the firewall to block ICMP ping messages. Use DDoS protection services.
Last word
Hope you have learned more about the Ping of Death attack. Take the above steps to be safe from it, and keep your system updated all the time.