IP fragmentation attack - Definition from the Hotspot Shield Glossary

This is where an IP (Internet Protocol) datagram is split into several smaller sized packets. The IP datagrams are encapsulated, and the link MTU (Maximum Transmission Unit) applies to larger IP datagrams which in turn forces them to be split into smaller pieces of equal size (the size must be smaller than the Maximum Transmission Unit).

As IP datagrams can be split, this process has been exploited and there are various exploits that are known; IP fragment overload, IP fragmentation buffer full, IP fragment overrun, IP fragment too many datagrams, IP fragment incomplete datagram and IP fragment too small. All of these exploits deal with how the IP datagram is formed and the various differences in the end result of the datagram can point to a type of attack being attempted, i.e. if an IP fragment cannot be reassembled, it is likely that a DoS attack is being taken out.

Download Our Free VPN

Download Hotspot Shield VPN. It’s Free!

Join over 650 million users already enjoying absolute Internet Freedom around the world by downloading Hotspot Shield VPN.

Start Free Trial