The ping of death attack, one of the oldest attacks on the Internet, caused the immediate crash of vulnerable systems. Fortunately, it stopped working on most devices around 1998. This threat uses the Internet Control Message Protocol (ICMP), although, in principle, it can also use other IP-based protocols. Since modern systems are protected against the ping of death, today’s hackers tend to use the related ping flood to carry out their attacks instead.

When the target system receives this threat, the mechanism goes off like a bomb and the target is immediately damaged or destroyed. The ping command, from which this attack gets its name, is generally used to check whether a device is reachable on the network. In technical terms, the ping command is based on the Internet Control Message Protocol (ICMP), which is used to transmit status information on the Internet.

To carry out this attack, the attacker creates an ICMP packet that exceeds the maximum allowed size. This datagram is divided into smaller fragments so that it can be sent. When the recipient reassembles all the fragments, the last one exceeds the allowed size, causing a buffer overflow if the system is unprotected. The result is a crash of the system, which suffers a denial of service.

An ICMP echo packet is typically 56 bytes in size. In contrast, the packet sent in a ping of death attack is at least 65,535 bytes, more than a thousand times larger; that figure is the per-packet limit set by the underlying Internet Protocol (IP).
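The protection that made this attack obsolete is a bounds check during reassembly: before any fragment data is copied, the receiver confirms that the fragment's offset plus its length stays within the 65,535-byte limit. The following C sketch is an added example, not code from the original article or from any particular network stack; the names `check_fragment` and `demo_verdict` are hypothetical and the sample headers are constructed.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define IP_MAX_DATAGRAM 65535u /* ceiling of the 16-bit IPv4 Total Length field */

enum frag_verdict { FRAG_OK, FRAG_MALFORMED, FRAG_OVERSIZE };

/* Inspect one IPv4 header and report whether this fragment would push the
 * reassembled datagram past 65,535 bytes. Run this before copying any data. */
enum frag_verdict check_fragment(const uint8_t *hdr, size_t len)
{
    if (hdr == NULL || len < 20 || (hdr[0] >> 4) != 4)
        return FRAG_MALFORMED;
    uint32_t ihl   = (uint32_t)(hdr[0] & 0x0F) * 4;     /* header length in bytes */
    uint32_t total = ((uint32_t)hdr[2] << 8) | hdr[3];  /* length of this fragment */
    if (ihl < 20 || ihl > len || total < ihl)
        return FRAG_MALFORMED;
    /* Fragment offset: low 13 bits of bytes 6-7, counted in 8-byte units. */
    uint32_t offset = ((((uint32_t)hdr[6] << 8) | hdr[7]) & 0x1FFFu) * 8;
    /* Where this fragment's data ends in the rebuilt datagram, header included. */
    uint32_t end = ihl + offset + (total - ihl);
    return end > IP_MAX_DATAGRAM ? FRAG_OVERSIZE : FRAG_OK;
}

/* Constructed sample input: a bare 20-byte IPv4/ICMP header with the given
 * Total Length and fragment offset (in 8-byte units), passed to the check. */
enum frag_verdict demo_verdict(uint16_t total_len, uint16_t off_units)
{
    uint8_t h[20];
    memset(h, 0, sizeof h);
    h[0] = 0x45;                                /* version 4, IHL 5 (20 bytes) */
    h[2] = (uint8_t)(total_len >> 8);
    h[3] = (uint8_t)total_len;
    h[6] = (uint8_t)((off_units >> 8) & 0x1F);  /* flags cleared, offset high bits */
    h[7] = (uint8_t)off_units;
    h[9] = 1;                                   /* protocol 1 = ICMP */
    return check_fragment(h, sizeof h);
}

int main(void)
{
    printf("ordinary echo, 84 bytes, offset 0:  %d\n", demo_verdict(84, 0));
    printf("last fragment ending at 65,535:     %d\n", demo_verdict(1455, 8010));
    printf("last fragment ending past 65,535:   %d\n", demo_verdict(1500, 8010));
    return 0;
}
```

A receiver that drops any fragment flagged `FRAG_OVERSIZE` never writes past its reassembly buffer, which is why the crash described above no longer occurs on patched systems.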
