Fragmentation Attack

From Glitchdata
Revision as of 10:22, 28 July 2022 by Jasonchen

Fragmented packets come from IP packets that are too big to pass through many networks in one piece.

In essence, the packet gets split up into a few, or many, smaller packets. This is called packet fragmentation.

With a packet fragmentation attack, the malicious threat actor will also sprinkle in some additional packets identical to some of the ones already being sent.

Imagine getting 3 boxes to assemble a desk, or bed, instead of one... plus getting 13 extra boxes that are seemingly duplicates. You will probably get stressed and frustrated, and take a break... or even give up.

The same happens to a server during a packet fragmentation attack (PFA). The server gets overloaded and shuts down.

The new method I have been seeing includes a malicious software (malware) payload to be reassembled, including ransomware.

I will link an article I wrote, in the comments below, that gives a more technical overview of what a packet fragmentation attack is, how it works... and how to defend against it.

One of the three main forms of this attack is also called a Teardrop Attack.
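
A defender-side check for the duplicate fragments described above, as an added example that is not part of the original page: it parses IPv4 headers, groups fragments by datagram, and counts exact duplicates and overlapping byte ranges (overlapping offsets are the pattern a Teardrop attack relies on). The function names and the sample packets are constructed for illustration.

```python
import struct
from collections import defaultdict

SRC, DST = bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7])  # documentation addresses

def make_fragment(ident, offset_bytes, payload_len, more):
    """Constructed sample: 20-byte IPv4 header (checksum left 0) plus zero payload."""
    flags_off = (0x2000 if more else 0) | (offset_bytes // 8)
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, ident,
                      flags_off, 64, 17, 0, SRC, DST)
    return hdr + bytes(payload_len)

def parse_fragment(pkt):
    """Return (datagram key, first byte, end byte, MF flag) for a raw IPv4 packet."""
    ver_ihl, _, total_len, ident, flags_off, _, proto, _, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", pkt[:20])
    ihl = (ver_ihl & 0x0F) * 4                # header length in bytes
    start = (flags_off & 0x1FFF) * 8          # offset field counts 8-byte units
    end = start + total_len - ihl             # exclusive end of the carried bytes
    more = bool(flags_off & 0x2000)           # "more fragments" flag
    return (src, dst, proto, ident), start, end, more

def audit_fragments(packets):
    """Count fragments, exact duplicates and overlaps per datagram."""
    seen = defaultdict(list)
    findings = {}
    for pkt in packets:
        key, start, end, more = parse_fragment(pkt)
        if not more and start == 0:
            continue                          # unfragmented packet, nothing to check
        f = findings.setdefault(key, {"fragments": 0, "duplicate": 0, "overlap": 0})
        f["fragments"] += 1
        if (start, end) in seen[key]:
            f["duplicate"] += 1               # same byte range sent again
        elif any(start < e and s < end for s, e in seen[key]):
            f["overlap"] += 1                 # ranges collide: Teardrop-style
        seen[key].append((start, end))
    return findings

SAMPLE = [  # constructed traffic: id 1 is clean, id 2 is abusive, id 3 is whole
    make_fragment(1, 0, 16, True), make_fragment(1, 16, 16, True),
    make_fragment(1, 32, 8, False),
    make_fragment(2, 0, 24, True), make_fragment(2, 0, 24, True),
    make_fragment(2, 16, 16, False),
    make_fragment(3, 0, 32, False),
]
```

A monitoring rule can alert when a datagram's `duplicate` or `overlap` count is non-zero, or when `fragments` exceeds what the sender's packet size could plausibly need.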