312-50V10 · Question #371
Which of the following network attacks takes advantage of weaknesses in the fragment reassembly functionality of the TCP/IP protocol stack?
The correct answer is A. Teardrop. The Teardrop attack exploits the TCP/IP fragment reassembly process by sending malformed, overlapping IP fragments that crash or freeze the target system during reassembly.
Question
Which of the following network attacks takes advantage of weaknesses in the fragment reassembly functionality of the TCP/IP protocol stack?
Options
- ATeardrop
- BSYN flood
- CSmurf attack
- DPing of death
How the community answered
(42 responses)- A86% (36)
- B2% (1)
- C2% (1)
- D10% (4)
Why each option
The Teardrop attack exploits the TCP/IP fragment reassembly process by sending malformed, overlapping IP fragments that crash or freeze the target system during reassembly.
Teardrop is a classic IP fragmentation attack that sends IP fragments with overlapping offset values. When the target system attempts to reassemble these malformed fragments, the overlap causes the reassembly algorithm to fail, often resulting in a system crash or freeze. This directly targets the weakness in the TCP/IP stack's fragment reassembly functionality.
A SYN flood exploits the TCP three-way handshake by sending large volumes of SYN packets without completing the connection, exhausting server resources - not related to fragment reassembly.
A Smurf attack amplifies ICMP echo requests by broadcasting them with a spoofed source IP to flood the victim, which is unrelated to IP fragmentation.
The Ping of Death sends an oversized ICMP packet that exceeds the maximum legal size, crashing the target on receipt - it targets packet size limits, not fragment reassembly logic.
Concept tested: IP fragmentation Teardrop attack mechanism
Source: https://learn.microsoft.com/en-us/security/engineering/network-attacks
Topics
Community Discussion
No community discussion yet for this question.