Ping of death
Attack on a computer system by pinging a computer / From Wikipedia, the free encyclopedia
Dear Wikiwand AI, let's keep it short by simply answering these key questions:
Can you list the top facts and stats about Ping of death?
Summarize this article for a 10 year old
A ping of death is a type of attack on a computer system that involves sending a malformed or otherwise malicious ping to a computer.[1] In this attack, a host sends hundreds of ping requests with a packet size that is large or illegal to another host to try to take it offline or to keep it preoccupied responding with ICMP Echo replies.[2]
A correctly formed ping packet is typically 56 bytes in size, or 64 bytes when the Internet Control Message Protocol (ICMP) header is considered, and 84 bytes including Internet Protocol (IP) version 4 header. However, any IPv4 packet (including pings) may be as large as 65,535 bytes. Some computer systems were never designed to properly handle a ping packet larger than the maximum packet size because it violates the Internet Protocol.[3][4] Like other large but well-formed packets, a ping of death is fragmented into groups of 8 octets before transmission. However, when the target computer reassembles the malformed packet, a buffer overflow can occur, causing a system crash and potentially allowing the injection of malicious code. The excessive byte size prevents the machine from processing it effectively, impacting the cloud environment and causing disruptions in the operating system processes leading to reboots or crashes.[5]
In early implementations of TCP/IP, this bug is easy to exploit and can affect a wide variety of systems including Unix, Linux, Mac, Windows, and peripheral devices. As systems began filtering out pings of death through firewalls and other detection methods, a different kind of ping attack known as ping flooding later appeared, which floods the victim with so many ping requests that normal traffic fails to reach the system (a basic denial-of-service attack).
The ping of death attack has been largely neutralized by advancements in technology. Devices produced after 1998 include defenses against such attacks,[specify] rendering them resilient to this specific threat. However, in a notable development, a variant targeting IPv6 packets on Windows systems was identified, leading Microsoft to release a patch in mid-2013.[6]