Ping of death

(also PoD, long ICMP)

Ping of death definition

A ping of death is a denial of service (DoS) attack in which a hacker sends oversized or malformed data packets to crash, destabilize, or freeze the targeted computer. Malicious parties use a ping of death to make computer systems unstable. While ping of death attacks were common in older computer systems, they may still affect machines that haven’t been updated.

How a ping of death works

  • A correctly formed IPv4 data packet can be at most 65,535 bytes. Historically, if a machine received a packet larger than that, it would crash.
  • To initiate a ping of death attack, the hacker sends a packet larger than 65,535 bytes in malformed fragments.
  • When the computer system attempts to reassemble the fragmented data packet, it ends up with one that’s larger than 65,535 bytes.
  • The system can’t handle it and the computer freezes, crashes, or reboots.

How to prevent ping of death

  • ICMP blocking. To avoid PoD attacks, many network devices block ICMP ping messages using their firewalls.
  • Block fragmented pings. This approach lets unfragmented ping traffic pass through and blocks only fragmented ping packets.
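
The reassembly overflow and the "block fragmented pings" policy both reduce to a check on each IPv4 header, sketched here as an added example (not code from the original page). The function names and the sample headers are constructed for illustration, and addresses come from the 192.0.2.0/24 documentation range.

```python
import struct

MAX_DATAGRAM = 65535   # upper bound of the 16-bit IPv4 Total Length field
PROTO_ICMP = 1

def sample_header(total_len, offset_units, more_fragments, proto=PROTO_ICMP):
    """Constructed 20-byte IPv4 header used as sample input (checksum left 0)."""
    flags_frag = (0x2000 if more_fragments else 0) | (offset_units & 0x1FFF)
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, flags_frag,
                       64, proto, 0, bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))

def parse(header):
    """Return (ihl_bytes, total_len, offset_bytes, more_fragments, proto)."""
    if len(header) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _, total_len, _, flags_frag, _, proto = struct.unpack(
        "!BBHHHBB", header[:10])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or total_len < ihl:
        raise ValueError("malformed IPv4 header")
    # Fragment Offset is 13 bits and counts 8-byte units.
    offset = (flags_frag & 0x1FFF) * 8
    return ihl, total_len, offset, bool(flags_frag & 0x2000), proto

def classify(header):
    """'not-fragment', 'ok', or 'oversized' (reassembles past 65,535 bytes)."""
    ihl, total_len, offset, more, _ = parse(header)
    if offset == 0 and not more:
        return "not-fragment"
    # Reassembled size implied by this fragment: header + offset + its payload.
    payload = total_len - ihl
    return "oversized" if ihl + offset + payload > MAX_DATAGRAM else "ok"

def filter_decision(header):
    """Pass whole pings; drop fragmented ICMP and any oversized fragment."""
    verdict = classify(header)
    if verdict == "oversized":
        return "drop"
    if verdict == "ok" and parse(header)[4] == PROTO_ICMP:
        return "drop"      # fragmented ping
    return "pass"
```
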