Ping of Death (PoD)

16th February 2021 | Cybrary Ping of Death (PoD)


ping of death

A Ping of Death (PoD) is a type of Denial of Service (DoS) attack that deliberately sends IP packets larger than the 65,536 bytes allowed by the IP protocol. One of the features of TCP/IP is fragmentation; allowing a single packet to be broken down into smaller segments. 

This DoS attack started back in the 90’s, where most operating systems didn’t know what to do when they received an oversized packet, so they froze, crashed, or rebooted. Ping of Death attacks are particularly brutal because the identity of the attacker sending the oversized packet could be easily ‘spoofed’ since the attacker doesn’t need to know anything about the victim, except their IP address. By the end of the 90’s, operating systems made patches available for users to avoid the ping of death. Still, many sites block Internet Control Message Protocol (ICMP) ping messages at their firewalls to prevent any future variations of this kind of denial of service attack.

What does this mean for an SMB?

A Distributed Denial of Service attack may pose a potential threat against gambling companies or other mid-to-large enterprises such as banks and defense contractors. DDoS attacks are rarely used against SMB’s unless they upset a hacker group. In other cases, one hacking group against another.

We are not saying it won’t happen, but the cost of protection is so great in many cases, the advice to an SMB is to know what it is, and establish a relationship with a DDoS protection vendor without paying for protection. DDoS protection vendors include Arbor Networks, AT&T, Verizon, and Akamai. Mid-to-Large enterprises should have contracts in place to protect themselves in seconds when hit with a DDOS attack. SMB’s should not.

To learn more about Denial of Service (DoS) attacks, watch this short video:

Sources: 

ISC2.org

Imperva

TechTarget

Additional Reading:

How Does a Ping of Death Attack Work?

Windows “Ping of Death” Bug Revealed – 2020

Related Terms:

Denial of Service (DoS)

Distributed Denial of Service (DDoS)

Wireshark

Are you doing enough to protect your business?

Sign up with CyberHoot today and sleep better knowing your

employees are cyber trained and on guard!


Sign Up Today!

Latest Blogs

Stay sharp with the latest security insights

Discover and share the latest cybersecurity trends, tips and best practices – alongside new threats to watch out for.

Make Phishing Training Count with HootPhish

Make Phishing Training Count with HootPhish

Stop tricking employees. Start training them. Take Control of Your Security Awareness Training with a Platform...

Read more
Apple Alert: Critical AirPlay Vulnerabilities Expose Millions to Cyber Threats

Apple Alert: Critical AirPlay Vulnerabilities Expose Millions to Cyber Threats

A recent discovery by cybersecurity firm Oligo Security has unveiled a series of critical vulnerabilities in...

Read more
CyberHoot Newsletter – May 2025

CyberHoot Newsletter – May 2025

Welcome to CyberHoot's May Newsletter! This month, we're spotlighting key developments in the cyber threat...

Read more