'''IP fragmentation attacks''' are a kind of [[cyberattack|computer security attack]] based on how the [[Internet Protocol]] (IP) requires data to be transmitted and processed. Specifically, they exploit [[IP fragmentation]], the process by which a message from one layer of a network (the [[service data unit]] (SDU); typically a [[network packet|packet]]) is partitioned into multiple smaller [[payload (computing)|payload]]s that each fit within the lower layer's [[protocol data unit]] (PDU). Every network link has a maximum size of [[data frame|message]] that it can carry, called the [[maximum transmission unit]] (MTU). If an IP datagram (header plus payload) is larger than the MTU of a link it must cross, it has to be fragmented before it can be sent over that link, or dropped if its Don't Fragment flag is set. IP fragmentation attacks exploit this process as an [[attack vector]].
The Internet Protocol (IP) is the part of the [[Internet protocol suite|TCP/IP suite]] that resides at the [[Internet Layer]] of this model and is responsible for delivering packets between network end points. IP includes a few features that provide basic fault tolerance (a [[time to live]] that bounds forwarding loops and a header [[checksum]]), traffic prioritization (type of service) and support for fragmenting a large packet into several smaller ones (the Identification field, the More Fragments and Don't Fragment flags, and the Fragment Offset field, which is counted in 8-byte units). This lets an IPv4 router split a packet that is too large for the next link's data-link frames into fragments; the receiving host groups fragments by their Identification field, places each at its offset and reassembles the original datagram once the final fragment (More Fragments clear) has arrived. In IPv6 only the sending host may fragment; routers drop oversized packets and report the link MTU back with an ICMPv6 message. IP fragmentation exploits (attacks) use this fragmentation mechanism as an attack vector.
According to [Kurose 2013], in one type of IP fragmentation attack "the attacker sends a stream of small fragments to the target host, none of which has an offset of zero. The target can collapse as it attempts to rebuild datagrams out of the degenerate packets."<ref name=":0">{{Cite book|title=Computer Networking: A Top-down Approach|last=Kurose|first=James F.|date=2013|publisher=Pearson|others=Ross, Keith W., 1956-|isbn=9780132856201|edition=6th|___location=Boston|pages=338|oclc=769141382}}</ref> Because a receiver must hold partial datagrams until the missing fragments arrive, a stream that never completes ties up reassembly buffers and timers for as long as the stack is willing to wait. Another attack involves sending overlapping fragments with non-aligned offsets, which can confuse the reassembly code of vulnerable operating systems, causing some to crash.<ref name=":0" />
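The following is an added example, not code from the article or from Kurose and Ross. It builds raw IPv4 fragments from a payload the way a router splitting a too-large datagram would (covering the Identification, More Fragments and Fragment Offset fields described above), and then reassembles them with a defensive reassembler that refuses the two degenerate streams just described: one with no offset-zero fragment, and one with overlapping fragments. The addresses, the UDP protocol number and the sample payload are constructed for the demo; the verdict names are this example's own, not anything from the article or any particular operating system.

```python
"""IPv4 fragmentation and a defensive reassembler (added example, not from the article)."""
from __future__ import annotations

import struct
from dataclasses import dataclass
from typing import List, Optional, Tuple

IPV4_HDR_LEN = 20      # minimal header, no options
MF = 0x2000            # "More Fragments" flag bit in the flags/offset field
OFFSET_MASK = 0x1FFF   # 13-bit fragment offset, counted in 8-byte units
MAX_DATAGRAM = 65535   # the 16-bit Total Length field bounds the reassembled size


def checksum(hdr: bytes) -> int:
    """RFC 1071 one's-complement checksum; returns 0 when run over a valid header."""
    if len(hdr) % 2:
        hdr += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(hdr) // 2), hdr))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def make_fragment(ident: int, offset: int, more: bool, data: bytes,
                  src: str = "10.0.0.1", dst: str = "10.0.0.2") -> bytes:
    """Build one IPv4 fragment. offset is in bytes and must be a multiple of 8."""
    if offset % 8:
        raise ValueError("fragment offset must be a multiple of 8 bytes")
    flags_offset = (MF if more else 0) | (offset // 8)
    src_b = bytes(int(x) for x in src.split("."))
    dst_b = bytes(int(x) for x in dst.split("."))
    # version/IHL, TOS, total length, ID, flags+offset, TTL, proto (17 = UDP), csum, src, dst
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, IPV4_HDR_LEN + len(data), ident,
                      flags_offset, 64, 17, 0, src_b, dst_b)
    hdr = hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]
    return hdr + data


def fragment(payload: bytes, ident: int, mtu: int) -> List[bytes]:
    """Split a datagram payload into fragments that each fit the link MTU, as a router would."""
    max_data = (mtu - IPV4_HDR_LEN) // 8 * 8   # non-final fragments carry a multiple of 8 bytes
    if max_data <= 0:
        raise ValueError("MTU too small to carry any payload")
    frags = []
    for pos in range(0, len(payload), max_data):
        chunk = payload[pos:pos + max_data]
        frags.append(make_fragment(ident, pos, pos + len(chunk) < len(payload), chunk))
    return frags


@dataclass
class Fragment:
    ident: int
    offset: int    # in bytes
    more: bool
    data: bytes


def parse(pkt: bytes) -> Fragment:
    """Decode the fragmentation fields of one IPv4 packet, verifying the header checksum first."""
    ihl = (pkt[0] & 0x0F) * 4
    if checksum(pkt[:ihl]) != 0:
        raise ValueError("bad IPv4 header checksum")
    total_len, ident, flags_offset = struct.unpack("!HHH", pkt[2:8])
    return Fragment(ident, (flags_offset & OFFSET_MASK) * 8,
                    bool(flags_offset & MF), pkt[ihl:total_len])


def reassemble(frags: List[Fragment]) -> Tuple[Optional[bytes], str]:
    """Rebuild one datagram (all fragments share an ID) or say why the stream is degenerate.

    Verdicts (names chosen for this example): 'ok', 'no-first-fragment', 'overlap',
    'gap', 'bad-length', 'oversize', 'no-last-fragment'. A hardened stack drops the
    whole reassembly on the first anomaly instead of guessing how to merge the pieces.
    """
    frags = sorted(frags, key=lambda f: f.offset)
    if not frags or frags[0].offset != 0:
        return None, "no-first-fragment"        # the Kurose stream: nothing ever starts at 0
    buf = bytearray()
    for f in frags:
        if f.offset < len(buf):
            return None, "overlap"              # overlaps data already placed
        if f.offset > len(buf):
            return None, "gap"                  # hole; would have to wait and buffer
        if f.more and len(f.data) % 8:
            return None, "bad-length"           # non-final fragment must be 8-byte aligned
        if f.offset + len(f.data) + IPV4_HDR_LEN > MAX_DATAGRAM:
            return None, "oversize"             # would exceed the 16-bit Total Length
        buf += f.data
    if frags[-1].more:
        return None, "no-last-fragment"         # still waiting for the final piece
    return bytes(buf), "ok"
```

With a 2560-byte payload and a 576-byte MTU, `fragment` yields five fragments at offsets 0, 552, 1104, 1656 and 2208; dropping the first gives `no-first-fragment`, and adding a crafted fragment at offset 8 on top of the first gives `overlap`. The reassembler only handles one Identification value at a time; a real stack keys reassembly state on (source, destination, protocol, ID) and also caps how many such states and how much buffered data it will hold, which is the resource the offset-zero-less stream is aimed at.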