TechNotes Practice tests
Hi everybody,
I'm trying to workout the practice questions provided by TechExams forums, and I need your help to get explanations.
Isn't the ICMP part of the IP Stack ? Isn't this attack happening due to inherent weakness of TCP/IP stack ?
please help
I'm trying to workout the practice questions provided by TechExams forums, and I need your help to get explanations.
Question #7
7. Which of the following attacks is NOT aimed at fragmentation vulnerabilities of the IP stack?
Answer: Smurf Attack.
Isn't the ICMP part of the IP Stack ? Isn't this attack happening due to inherent weakness of TCP/IP stack ?
please help
Comments
-
astorrs
Member Posts: 3,139 ■■■■■■□□□□
A Smurf Attack isn't taking advantage of fragmentation vulnerabilities; instead it's exploiting the normal behavior of the ICMP echo command and causing a denial-of-service attack against the target.Hi everybody,
I'm trying to workout the practice questions provided by TechExams forums, and I need your help to get explanations.
Isn't the ICMP part of the IP Stack ? Isn't this attack happening due to inherent weakness of TCP/IP stack ?
please help -
UnixGuy
Mod Posts: 4,570 Mod
A Smurf Attack isn't taking advantage of fragmentation vulnerabilities; instead it's exploiting the normal behavior of the ICMP echo command and causing a denial-of-service attack against the target.
Can you please give me examples of Fragmentation vulnerabilities in IP Stack ? -
astorrs
Member Posts: 3,139 ■■■■■■□□□□
Have a look at the teardrop attack of "yesteryear" (pretty much useless these days) as it's a good example.Can you please give me examples of Fragmentation vulnerabilities in IP Stack ?
