Home

Forums

Stories

Knowledge Base

Business Community > Routers > Firewall "Ping Of Death" blocks regular pings

< Routers

Firewall "Ping Of Death" blocks regular pings

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Firewall "Ping Of Death" blocks regular pings

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

GregPL

2021-01-27 11:44:21 - last edited 2021-04-18 09:53:56

Posts: 2

Helpful: 0

Solutions: 0

Stories: 0

Registered: 2021-01-27

Firewall "Ping Of Death" blocks regular pings

2021-01-27 11:44:21 - last edited 2021-04-18 09:53:56

Model: ER605 (TL-R605)

Hardware Version: V1

Firmware Version: 1.0.0 Build 20200930 Rel.36519

Ping of Death blocks regular pings from LAN to router - no reply

The pings must be shorter than 56 bytes (default)

E.g when I ping with 4 bytes I got no reply from the router

ping -s 4 192.168.0.1

When I disabled "Ping of death" in router firewall - it started to work as expected and reply

Correct ASAP

2 Reply

Fae

2021-01-29 11:26:15 - last edited 2021-04-18 09:53:56

Posts: 3613

Helpful: 1357

Solutions: 474

Stories: 0

Registered: 2020-06-30

Re:Firewall "Ping Of Death" blocks regular pings

2021-01-29 11:26:15 - last edited 2021-04-18 09:53:56

Dear @GregPL,

Ping of Death blocks regular pings from LAN to router - no reply

In Standalone mode, when the packet is outside the range of 46-65535 bytes, the router would determine it as Ping of Death Attack and drop the packet to protect the network. It is recommended to enable the block Ping of Death attack for security concerns.

More info about the Ping of Death, https://en.wikipedia.org/wiki/Ping_of_death

>> Omada EAP Firmware Trial Available Here << *Try filtering posts on each forum by Label of [Early Access]*

GregPL

LV1

2021-01-29 12:02:50 - last edited 2021-04-18 09:53:56

Posts: 2

Helpful: 0

Solutions: 0

Stories: 0

Registered: 2021-01-27

Re:Firewall "Ping Of Death" blocks regular pings

2021-01-29 12:02:50 - last edited 2021-04-18 09:53:56

Hi I agree that PingOf Death prevention algorithm shall block too long pings possibly causing buffer overflow at 65536 bytes of payload But I don't understand why router blocks short pings - they are used commonly in the networking to minimize traffic in the network. I work for a telecommunication company producing networking equipment and this is the first time I observe such behavior in a router. Ping Of Death attack bases on buffer overflow and IP packet fragmentation, not on small Ping Request ICMP messages. Can you provide official Statement or Standard document which recommends blocking of short Ping Requests as a measure to prevent Ping Of Death attack? Greg

Firewall "Ping Of Death" blocks regular pings

Firewall "Ping Of Death" blocks regular pings

Information

Voters 0

Tags