If you’re running a Windows server, take note. FragmentSmack is a real DDoS vulnerability that’s slowly becoming more prevalent. Catalin Cimpanu at ZD
[See the full post at: FragmentSmack a real concern for servers — this month’s patches guard against it]
|
There are isolated problems with current patches, but they are well-known and documented on this site. |
-
FragmentSmack a real concern for servers — this month’s patches guard against it
- This topic has 3 replies, 4 voices, and was last updated 6 years, 8 months ago.
AuthorViewing 1 reply threadAuthor-
Many AV products and firewall programs allow you to block fragmented and/or malformed IP packets. Many routers also allow you to do the same. For example, I have my home router and my AV program with a built-in firewall configured to do this, as this general type of attack has been around for years.
I wish that routers and firewall and AV programs had an additional setting such that if a flood of fragmented IP packets from a given IP address are detected, then that IP address would automatically be blocked for a user specified time period.
1 user thanked author for this post.
-
-
DDoS attacks change all the time so any protection in a SOHO router is unlikely to remain effective.
cheers, Paul
1 user thanked author for this post.
Viewing 1 reply thread
Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Recent Topics
-
Windows hosting exposes additional bugs
by 3 hours, 45 minutes ago
-
No more rounded corners??
by 6 hours, 10 minutes ago
-
Android 15 and IPV6
by 4 hours, 50 minutes ago
-
KB5058405 might fail to install with recovery error 0xc0000098 in ACPI.sys
by 16 hours, 6 minutes ago
-
T-Mobile’s T-Life App has a “Screen Recording Tool” Turned on
by 18 hours, 48 minutes ago
-
Windows 11 Insider Preview Build 26100.4202 (24H2) released to Release Preview
by 13 hours, 22 minutes ago
-
Windows Update orchestration platform to update all software
by 1 day, 2 hours ago
-
May preview updates
by 13 hours, 30 minutes ago
-
Microsoft releases KB5061977 Windows 11 24H2, Server 2025 emergency out of band
by 5 hours, 5 minutes ago
-
Just got this pop-up page while browsing
by 18 hours, 19 minutes ago
-
KB5058379 / KB 5061768 Failures
by 15 hours, 23 minutes ago
-
Windows 10 23H2 Good to Update to ?
by 4 hours, 43 minutes ago
-
At last – installation of 24H2
by 1 day, 17 hours ago
-
MS-DEFCON 4: As good as it gets
by 4 hours, 41 minutes ago
-
RyTuneX optimize Windows 10/11 tool
by 2 days, 5 hours ago
-
Can I just update from Win11 22H2 to 23H2?
by 4 hours, 17 minutes ago
-
Limited account permission error related to Windows Update
by 2 days, 19 hours ago
-
Another test post
by 2 days, 19 hours ago
-
Connect to someone else computer
by 2 days, 13 hours ago
-
Limit on User names?
by 2 days, 17 hours ago
-
Choose the right apps for traveling
by 2 days, 6 hours ago
-
BitLocker rears its head
by 1 day, 14 hours ago
-
Who are you? (2025 edition)
by 1 day, 13 hours ago
-
AskWoody at the computer museum, round two
by 2 days, 9 hours ago
-
A smarter, simpler Firefox address bar
by 3 days, 5 hours ago
-
Woody
by 3 days, 15 hours ago
-
24H2 has suppressed my favoured spider
by 1 day, 14 hours ago
-
GeForce RTX 5060 in certain motherboards could experience blank screens
by 4 days, 5 hours ago
-
MS Office 365 Home on MAC
by 3 days, 23 hours ago
-
Google’s Veo3 video generator. Before you ask: yes, everything is AI here
by 4 days, 19 hours ago
Remembering Woody
