Firewall "Ping Of Death" blocks regular pings

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Firewall "Ping Of Death" blocks regular pings

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Firewall "Ping Of Death" blocks regular pings
Firewall "Ping Of Death" blocks regular pings
2021-01-27 11:44:21 - last edited 2021-04-18 09:53:56
Model: ER605 (TL-R605)  
Hardware Version: V1
Firmware Version: 1.0.0 Build 20200930 Rel.36519

Ping of Death blocks regular pings from LAN to router - no reply

The pings must be shorter than 56 bytes (default) 

E.g when I ping with 4 bytes I got no reply from the router

 

ping -s 4 192.168.0.1

 

When I disabled "Ping of death" in router firewall - it started to work as expected and reply

Correct ASAP

 

  0      
  0      
#1
Options
2 Reply
Re:Firewall "Ping Of Death" blocks regular pings
2021-01-29 11:26:15 - last edited 2021-04-18 09:53:56

Dear @GregPL,

 

Ping of Death blocks regular pings from LAN to router - no reply

 

In Standalone mode, when the packet is outside the range of 46-65535 bytes, the router would determine it as Ping of Death Attack and drop the packet to protect the network. It is recommended to enable the block Ping of Death attack for security concerns.

More info about the Ping of Death, https://en.wikipedia.org/wiki/Ping_of_death

>> Omada EAP Firmware Trial Available Here << *Try filtering posts on each forum by Label of [Early Access]*
  0  
  0  
#2
Options
Re:Firewall "Ping Of Death" blocks regular pings
2021-01-29 12:02:50 - last edited 2021-04-18 09:53:56
Hi I agree that PingOf Death prevention algorithm shall block too long pings possibly causing buffer overflow at 65536 bytes of payload But I don't understand why router blocks short pings - they are used commonly in the networking to minimize traffic in the network. I work for a telecommunication company producing networking equipment and this is the first time I observe such behavior in a router. Ping Of Death attack bases on buffer overflow and IP packet fragmentation, not on small Ping Request ICMP messages. Can you provide official Statement or Standard document which recommends blocking of short Ping Requests as a measure to prevent Ping Of Death attack? Greg
  0  
  0  
#3
Options

Information

Helpful: 0

Views: 1578

Replies: 2

Related Articles