IP Fragmentation Attacks - Fragmentation For Evasion

Fragmentation For Evasion

Network infrastructure equipment such as routers, load-balancers, firewalls and IPS have inconsistent visibility into fragmented packets. For example, a device may subject the initial fragment to rigorous inspection and auditing, but might allow all additional fragments to pass unchecked. Some attacks may use this fact to evade detection by placing incriminating payload data in fragments. Devices operating in "full" proxy mode are generally not susceptible to this subterfuge.

Read more about this topic: IP Fragmentation Attacks