I'm loojing for information about Fragment Storm Attacks:
- A malicious Hackers generates a storm of fragmented packet to the victim. As a result the victim will consume most of its CPU to reassemble fragmented packets and may be DoSed . Thjis attack should work even with a low number of fragmented packets (no needs of DDOS).
To protect my network I'd like to filter packets comming through my CISCO router by droping any fragmented packet. (This router is not directly connected on the internet & the network is designed to avoid any fragmented leagcy streams).
If you have any idea to achieve this goal or any archive from the litterature I'll be thankfull,