Information technologies are essential to the functioning of modern civilization. All aspects of human existence have been impacted by information technologies. The worldwide Internet is a crucial component of them. Of course, maintaining the security of information flow within the network is one of the major obstacles. Cyber attacks and cyber threats are among the security risks because they seriously impede the effective operation of international networks. There are many different kinds of cyber threats, and each has its own quirks, which cyber specialists and programmers must know to be ready to deal with them. The present paper discusses the cyber threat called ping of death, its definition and the types of countermeasures against it.
Key words: cyber threats, cyber attacks, information technologies
Ping of death (Cyber Attack)
Reasons for Cyber Attacks and Threats
The Internet has completely changed the way people work, live, have fun and learn. These changes occur in already familiar areas, such as e-commerce, real-time access to information, expanded communication and many other areas (Wang, 2013). Very often people may not even know about a cyber threat, yet it can completely ruin a network and its security system. Modern society is just beginning to realize the possibilities of the Internet. However, with the enormous growth in the popularity of this technology, an unprecedented risk of disclosure of personal data, critical enterprise resources and government secrets arises (Wang, 2013). Every day, hackers threaten these resources, trying to access them by using special attacks. These attacks are becoming more sophisticated in design and simpler to execute. This is facilitated by two main factors. The first is the widespread penetration of the Internet. Today millions of devices are connected to the network, so the likelihood of hackers reaching vulnerable devices is constantly increasing. In addition, the wide spread of the Internet allows hackers to share information on a global scale. A simple search on key words like “hacker”, “hacking”, “hack” or “crack” can return thousands of sites, many of which provide malicious code and methods of its use (Wang, 2013). The second is the general spread of easy-to-use operating systems and development environments. This factor dramatically reduces the level of knowledge and skill a hacker needs. Years ago, hackers had to have good programming skills in order to create and distribute an easy-to-use application. Nowadays, in order to use a hacking tool, it is only necessary to know the IP address of the desired website and launch an attack with a simple click of the mouse.
Cyber threats
Although practically all modern networks, browsers and servers are properly connected, the threat of cyber attack exists. Cyber threats may be attributed to persons who try to obtain unauthorized and illegal access to a control system device, network or server through a data communications pathway (Stelios, 2009). Such unauthorized access may come either from inside an organization, by trusted users, or from a remote location, by unknown people using the Internet. Cyber threats aimed at control systems can come from different sources (Stelios, 2009). These sources can include hostile governments, terrorist groups, discontented employees, and malicious intruders. It is possible to be protected against cyber threats, and one means of protection is the creation of a secure cyber-barrier around the Industrial Control System (ICS) (Stelios, 2009). Although there is a great variety of other potential threats, such as natural disasters, environmental hazards, mechanical breakdown, and unintentional actions of authorized users, it is necessary to discuss the ping of death as one of the newest, but extremely dangerous, cyber threats.
Ping of death
Ping of Death (PoD) is a kind of Denial of Service (DoS) attack (Tech target, 2006). The attacker attempts to crash, destabilize, or freeze the targeted computer or service by sending malformed or oversized packets with a simple ping command. PoD attacks exploit legacy weaknesses, which have been patched in the targeted systems. Nevertheless, the attacks are still possible against unpatched systems (Tech target, 2006). The world of cyber security has recently announced the creation of another type of PoD attack, commonly known as a ping flood (Tech target, 2006). This kind of attack hits the targeted system by rapidly sending ICMP packets via ping without waiting for replies (Tech target, 2006).
Description of ping of death attack
The ping of death, which leads to a denial of service, occurs when the sender intentionally sends an IP packet whose size exceeds the 65,536 bytes permitted by the IP protocol (Imperva incapsula, 2016). TCP/IP supports fragmentation, which allows a single oversized IP packet to be broken down into smaller segments. However, this feature became advantageous for attackers in 1996, when they found that the fragments of a broken-down packet could add up to more than the allowed 65,536 bytes (Imperva incapsula, 2016). Problems arose because operating systems did not know how to deal with the oversized packets; therefore, they froze, stopped working, or rebooted.
Because a ping packet larger than 65,535 bytes violates the Internet Protocol, attackers prefer to send malformed packets divided into fragments (Imperva incapsula, 2016). When the target system tries to reassemble the fragments, the result is an oversized packet that overflows system memory and leads to a range of system problems, of which a crash is one of the most widespread. Ping of Death attacks were effective mainly because the identity of the attacker could be easily spoofed. In addition, attackers using a Ping of Death would not require any details about the system or machine they were attacking, except its IP address (Imperva incapsula, 2016). It should be noted that this vulnerability, although best known for its use in PoD attacks, can be exploited by anything that sends an IP datagram: ICMP echo, TCP, UDP and IPX (Imperva incapsula, 2016).
Mitigation of ping of death attacks
After numerous cases of ping of death attacks, programmers have developed a range of measures aimed at mitigating the threat. In order to avoid this type of cyber threat as well as its variants, many sites block ICMP ping messages at their firewalls, although this method is not always effective or practical in the long term. Firstly, invalid packet attacks can be aimed at any listening port, such as FTP ports, and not all of these ports can be blocked, for operational reasons. Furthermore, blocking ping messages prevents legitimate ping use, and there are still utilities that rely on ping to check that connections are live (Imperva incapsula, 2016). One of the smarter approaches is to block fragmented pings selectively, permitting actual ping traffic to pass unhindered. Incapsula DDoS Protection services intelligently and preemptively identify and filter out each unusually large packet, even if it is fragmented, thus eliminating the danger of PoD and analogous packet-based attacks (Imperva incapsula, 2016).
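The reassembly problem described above and the selective filtering of oversized fragments both come down to one bounds check on the IPv4 header, shown here as an added example (not code from the essay's sources or from any vendor's product). The limit used is 65,535, the largest value the 16-bit Total Length field can hold; `make_hdr` and the sample headers are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define IP_MAX_DATAGRAM 65535u /* largest value the 16-bit Total Length field can hold */

enum frag_verdict { FRAG_OK, FRAG_MALFORMED, FRAG_OVERSIZED };

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Decide whether one IPv4 header describes a fragment that would push the
 * reassembled datagram past 65,535 bytes. hdr points at the IP header. */
enum frag_verdict check_ipv4_fragment(const uint8_t *hdr, size_t len)
{
    if (len < 20 || (hdr[0] >> 4) != 4) return FRAG_MALFORMED;
    uint32_t ihl = (uint32_t)(hdr[0] & 0x0F) * 4;   /* header length in bytes */
    uint32_t total = be16(hdr + 2);                  /* header + payload of this fragment */
    if (ihl < 20 || ihl > len || total < ihl) return FRAG_MALFORMED;
    uint16_t ff = be16(hdr + 6);                     /* flags + 13-bit fragment offset */
    uint32_t offset = (uint32_t)(ff & 0x1FFF) * 8;   /* offset is counted in 8-byte units */
    uint32_t payload = total - ihl;
    if ((ff & 0x2000) && payload % 8 != 0) return FRAG_MALFORMED; /* MF set: must align */
    if (ihl + offset + payload > IP_MAX_DATAGRAM) return FRAG_OVERSIZED;
    return FRAG_OK;
}

/* Hypothetical helper: fill a 20-byte header for the constructed samples below. */
void make_hdr(uint8_t h[20], uint16_t total, uint16_t off_units, int more_frags)
{
    memset(h, 0, 20);
    h[0] = 0x45;                                     /* IPv4, IHL = 5 words */
    h[2] = (uint8_t)(total >> 8); h[3] = (uint8_t)total;
    uint16_t ff = (uint16_t)((more_frags ? 0x2000 : 0) | (off_units & 0x1FFF));
    h[6] = (uint8_t)(ff >> 8); h[7] = (uint8_t)ff;
    h[9] = 1;                                        /* protocol 1 = ICMP */
}

int main(void)
{
    uint8_t h[20];
    make_hdr(h, 84, 0, 0);       /* constructed: ordinary unfragmented echo request */
    printf("plain ping: %d\n", check_ipv4_fragment(h, sizeof h));
    make_hdr(h, 1020, 8189, 0);  /* constructed: last fragment ending beyond 65,535 */
    printf("late fragment: %d\n", check_ipv4_fragment(h, sizeof h));
    return 0;
}
```

Because the check looks only at the offset and length fields, it applies to any fragmented IP datagram, not just ICMP echo, and it lets ordinary pings and legitimately fragmented traffic through.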
In 1997, vendors of operating systems made patches available in order to prevent the ping of death threat (Tech target, 2006). However, many websites try to be proactive and more careful and continue blocking Internet Control Message Protocol ping messages, considering it the most effective way to prevent any future variations of this denial of service attack. Since that time, many attempts have been made to create reliable and effective methods of dealing with ping of death attacks. Moreover, any service has a certain set of basic ports required for it to work, so blocking everything else on the firewall in advance will help to narrow the field of attack. If there is a defined list of key customers, it is necessary to add their addresses to a predefined white list so that they are not cut off during an attack.
References
Imperva incapsula (2016). Ping of Death (PoD). Retrieved March 22, 2017 from https://www.incapsula.com/ddos/attack-glossary/ping-of-death.html
Tech target (2006). Ping of death. Retrieved March 22, 2017 from http://searchsecurity.techtarget.com/definition/ping-of-death
Stelios, A. (2009). The PING of Death and Other DoS Network Attacks. Retrieved March 22, 2017 from https://www.pluralsight.com/blog/it-ops/ping-of-death-and-dos-attacks
Wang, R. (2013). Malware B-Z: Inside the Threat from Blackhole to Zero Access. NY: Sophos