Which attack uses a ping with oversized or malformed packets to crash or destabilize the target system?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the Certified Ethical Hacker Version 11 Exam with a comprehensive test featuring flashcards and multiple choice questions, each accompanied by hints and explanations to ensure a thorough understanding. Ace your ethical hacking exam with confidence!

Multiple Choice

Which attack uses a ping with oversized or malformed packets to crash or destabilize the target system?

Explanation:
Exploiting how a system handles ICMP packet size and IP fragmentation is what this attack relies on. The Ping of Death sends an ICMP Echo Request that is oversized or malformed so that, when the target reassembles the fragmented packets, the result overflows buffers or destabilizes the kernel, leading to a crash or freeze. This works on vulnerable systems because the reassembly logic didn’t correctly enforce size bounds. Modern systems are patched to reject such oversized or malformed packets, so the technique is largely ineffective today. The other options describe different denial mechanisms—Smurf uses a spoofed broadcast ping to flood a target with replies, ICMP flood relies on high-volume ICMP traffic, and DoS is a broad category of various disruption methods—whereas the scenario given specifically matches the oversized-packet ping approach.

Exploiting how a system handles ICMP packet size and IP fragmentation is what this attack relies on. The Ping of Death sends an ICMP Echo Request that is oversized or malformed so that, when the target reassembles the fragmented packets, the result overflows buffers or destabilizes the kernel, leading to a crash or freeze. This works on vulnerable systems because the reassembly logic didn’t correctly enforce size bounds. Modern systems are patched to reject such oversized or malformed packets, so the technique is largely ineffective today. The other options describe different denial mechanisms—Smurf uses a spoofed broadcast ping to flood a target with replies, ICMP flood relies on high-volume ICMP traffic, and DoS is a broad category of various disruption methods—whereas the scenario given specifically matches the oversized-packet ping approach.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy