Jump to content
Main menu
Main menu
move to sidebar
hide
Navigation
Main page
Recent changes
Random page
Help about MediaWiki
Special pages
Niidae Wiki
Search
Search
Appearance
Create account
Log in
Personal tools
Create account
Log in
Pages for logged out editors
learn more
Contributions
Talk
Editing
Denial-of-service attack
(section)
Page
Discussion
English
Read
Edit
View history
Tools
Tools
move to sidebar
hide
Actions
Read
Edit
View history
General
What links here
Related changes
Page information
Appearance
move to sidebar
hide
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
===Teardrop attacks=== {{see also|IP fragmentation attack}} A '''teardrop attack''' involves sending [[Mangled packet|mangled]] [[IP fragment]]s with overlapping, oversized payloads to the target machine. This can crash various operating systems because of a bug in their [[TCP/IP]] [[IPv4#Fragmentation and reassembly|fragmentation re-assembly]] code.<ref name="CERT-1">{{cite web |year=1998 |title=CERT Advisory CA-1997-28 IP Denial-of-Service Attacks |url=https://vuls.cert.org/confluence/display/historical/CERT+Advisory+CA-1997-28+IP+Denial-of-Service+Attacks |access-date=July 18, 2014 |publisher=CERT}}</ref> [[Windows 3.1x]], [[Windows 95]] and [[Windows NT]] operating systems, as well as versions of [[Linux]] prior to versions 2.0.32 and 2.1.63 are vulnerable to this attack.{{efn|Although in September 2009, a vulnerability in [[Windows Vista]] was referred to as a ''teardrop attack'', this targeted [[Server Message Block|SMB2]] which is a higher layer than the TCP packets that teardrop used).<ref>{{cite news|url=http://www.zdnet.com/blog/security/windows-7-vista-exposed-to-teardrop-attack/4222 |archive-url=https://web.archive.org/web/20101106101436/http://www.zdnet.com/blog/security/windows-7-vista-exposed-to-teardrop-attack/4222 |url-status=dead |archive-date=6 November 2010 |title=Windows 7, Vista exposed to 'teardrop attack' |work=ZDNet |date=September 8, 2009 |access-date=2013-12-11}}</ref><ref>{{cite web|url=http://www.microsoft.com/technet/security/advisory/975497.mspx |title=Microsoft Security Advisory (975497): Vulnerabilities in SMB Could Allow Remote Code Execution |publisher=Microsoft.com |date=September 8, 2009 |access-date=2011-12-02}}</ref>}} One of the fields in an [[IP header]] is the ''fragment offset'' field, indicating the starting position, or offset, of the data contained in a fragmented packet relative to the data in the original packet. If the sum of the offset and size of one fragmented packet differs from that of the next fragmented packet, the packets overlap. When this happens, a server vulnerable to teardrop attacks is unable to reassemble the packets resulting in a denial-of-service condition.<ref>{{Citation |last=Bhardwaj |first=Akashdeep |title=Solutions for DDoS Attacks on Cloud Environment |date=2023-06-12 |work=New Age Cyber Threat Mitigation for Cloud Computing Networks |pages=42β55 |url=http://dx.doi.org/10.2174/9789815136111123010006 |access-date=2024-02-09 |publisher=BENTHAM SCIENCE PUBLISHERS |doi=10.2174/9789815136111123010006 |isbn=978-981-5136-11-1}}</ref>
Summary:
Please note that all contributions to Niidae Wiki may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see
Encyclopedia:Copyrights
for details).
Do not submit copyrighted work without permission!
Cancel
Editing help
(opens in new window)
Search
Search
Editing
Denial-of-service attack
(section)
Add topic
