Ping of Death

The Internet Control Message Protocol (ICMP) can be used to check basic network connectivity between two devices. Attacks can manipulate the size of the ICMP message to be greater than the normal size. A simple utility that uses the ICMP is known as ping.

If an attacker sends a ping of 65,536 bytes or greater to another device on a network, it will cause the recipient machine (victim) to crash. This type of attack is known as Ping of Death.

Let's take a look at the following diagram to better understand what takes place:

In this diagram, the victim that receives the fragmented packets will do the reassembly only to find that the final packet is greater than 65,536 bytes. Not knowing what to do with the packet, the system crashes or malfunctions, resulting in its inability to provide service to the legitimate users.