TechNotes Practice tests

Hi everybody,

I'm trying to workout the practice questions provided by TechExams forums, and I need your help to get explanations.

Question #7
7. Which of the following attacks is NOT aimed at fragmentation vulnerabilities of the IP stack?

Answer: Smurf Attack.

Isn't the ICMP part of the IP Stack ? Isn't this attack happening due to inherent weakness of TCP/IP stack ?

please help

Find more posts tagged with

Comments

astorrs

UnixGuy wrote: »

Hi everybody,

I'm trying to workout the practice questions provided by TechExams forums, and I need your help to get explanations.

Isn't the ICMP part of the IP Stack ? Isn't this attack happening due to inherent weakness of TCP/IP stack ?

please help

A Smurf Attack isn't taking advantage of fragmentation vulnerabilities; instead it's exploiting the normal behavior of the ICMP echo command and causing a denial-of-service attack against the target.

UnixGuy

astorrs wrote: »

A Smurf Attack isn't taking advantage of fragmentation vulnerabilities; instead it's exploiting the normal behavior of the ICMP echo command and causing a denial-of-service attack against the target.

Can you please give me examples of Fragmentation vulnerabilities in IP Stack ?

astorrs

UnixGuy wrote: »

Can you please give me examples of Fragmentation vulnerabilities in IP Stack ?

Have a look at the teardrop attack of "yesteryear" (pretty much useless these days) as it's a good example.

UnixGuy

Thanks

I need serious review specially Cryptography.