Ping of death
(also PoD, long ICMP)
Ping of death definition
A ping of death is a denial of service (DoS) attack in which a hacker sends oversized or malformed data packets to crash, destabilize, or freeze the targeted computer. Malicious parties use a ping of death to make computer systems unstable. While ping of death attacks were common in older computer systems, they may still affect machines that haven’t been updated.
How a ping of death works
- A correctly formed IPv4 data packet is at most 65,535 bytes, header included. Historically, if a machine received a packet larger than that, it would crash.
- To initiate a ping of death attack, the hacker sends a packet larger than 65,535 bytes in malformed fragments.
- When the computer system attempts to reassemble the fragmented data packet, it ends up with one that’s larger than 65,535 bytes.
- The system can’t handle it and the computer freezes, crashes, or reboots.
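The reassembly step above is where a receiver or filter can catch the problem. The following is an added example, not code from any particular network stack: a per-fragment bounds check that rejects any fragment whose offset plus length would push the rebuilt packet past 65,535 bytes. The function names and the sample header values are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IPV4_MAX_TOTAL 65535u /* largest value of the 16-bit Total Length field */

enum frag_verdict { FRAG_OK, FRAG_MALFORMED, FRAG_OVERSIZE };

/* Decide from one raw IPv4 header whether the datagram this fragment belongs
 * to would exceed 65,535 bytes once reassembled. */
enum frag_verdict check_fragment(const uint8_t *hdr, size_t len)
{
    if (len < 20 || (hdr[0] >> 4) != 4)
        return FRAG_MALFORMED;
    uint32_t ihl   = (uint32_t)(hdr[0] & 0x0F) * 4;    /* header length, bytes */
    uint32_t total = ((uint32_t)hdr[2] << 8) | hdr[3]; /* header + payload of this fragment */
    /* The 13-bit fragment offset field counts 8-byte units. */
    uint32_t off   = ((((uint32_t)hdr[6] & 0x1F) << 8) | hdr[7]) * 8;
    if (ihl < 20 || total < ihl)
        return FRAG_MALFORMED;
    /* Header plus the point where this fragment's payload ends in the rebuilt datagram. */
    uint32_t reassembled = ihl + off + (total - ihl);
    return reassembled > IPV4_MAX_TOTAL ? FRAG_OVERSIZE : FRAG_OK;
}

/* Build a constructed 20-byte ICMP-over-IPv4 header and run the check on it. */
enum frag_verdict verdict_for(uint16_t total, uint16_t off_units)
{
    uint8_t h[20];
    memset(h, 0, sizeof h);
    h[0] = 0x45;                          /* version 4, IHL 5 (20 bytes) */
    h[2] = (uint8_t)(total >> 8);
    h[3] = (uint8_t)total;
    h[6] = (uint8_t)((off_units >> 8) & 0x1F);
    h[7] = (uint8_t)off_units;
    h[9] = 1;                             /* protocol 1 = ICMP */
    return check_fragment(h, sizeof h);
}

int main(void)
{
    /* Constructed samples: an ordinary ping, the last fragment of a maximum-size
     * datagram, and a fragment whose offset plus length passes the limit. */
    printf("%d %d %d\n", verdict_for(84, 0), verdict_for(31, 8188),
           verdict_for(1500, 8189));
    return 0;
}
```

Because the offset field can address up to 65,528 bytes on its own, the check has to add the fragment's length to the offset; the Total Length field of a single fragment never exceeds 65,535.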
How to prevent ping of death
- ICMP blocking. To avoid PoD attacks, many network devices block ICMP ping messages using their firewalls.
- Block fragmented pings. This approach lets unfragmented ping traffic pass through and blocks only the fragmented ping packets.