Fragment overlap attack definition
A fragment overlap attack is a type of denial of service (DoS) attack that abuses the way devices send data in IP packets (datagrams). Most types of fragment overlap attack involve sending datagrams that will be impossible to reassemble and interpret upon delivery. The hacker’s goal is to abuse servers’ resources and prevent them from performing the operations they are supposed to.
Examples of a fragment overlap attack
- A TCP fragmentation attack uses packets designed to be impossible to reassemble upon delivery. They can be incomplete or overlapping. The packets can cause an operating system to freeze or crash because it is unable to process them.
- UDP and ICMP fragmentation attacks flood servers with oversized or otherwise corrupt packets that they must reject. This can quickly overload a server’s resources and prevent it from performing its intended operations.
Stopping a fragment overlap attack
- Inspect incoming packets using a router, a secured proxy server, firewalls, or intrusion detection systems.
- Keep your operating system up to date.
- Block fragmented IP packets by cutting your connection with anyone who sends them.