Revision as of 22:55, 21 January 2014 edit 67.148.50.158 (talk) →IP fragment overlapped: combined IP fragment overlapped with IP fragment overwrite because they are the same. ← Previous edit		Revision as of 22:55, 21 January 2014 edit undo 67.148.50.158 (talk) →IP fragment overwrite: removed IP fragment overwrite because it is the same as IP fragment overlap Tag: section blanking Next edit →
Line 153: === IP fragment overrun === The IP Fragment Overrun exploit is when a reassembled fragmented datagram exceeds the declared IP data length or the maximum datagram length. By definition, no IP datagram should be larger than 65,535 bytes. Systems that try to process these large datagrams can crash, and can be indicative of a denial of service attempt. ~~=== IP fragment overwrite ===~~ Overlapping fragments may be used in an attempt to bypass Intrusion Detection Systems. In this exploit, part of an attack is sent in fragments along with additional random data; future fragments may overwrite the random data with the remainder of the attack. If the completed datagram is not properly reassembled at the IDS, the attack will go undetected. <!-- Triggers when a fragment overlap occurs which results in existing data being overwritten. This part seems random, but it might belong in here somewhere.--> === IP fragment too many datagrams ===

IP fragmentation attack: Difference between revisions