Fragmentation Attack is a DDoS technique that targets system availability by overloading infrastructure. This page explains the attack, mitigation capabilities, and the role of WEDOS Global.
Description
Sends fragmented packets to overwhelm the server’s ability to reassemble them, leading to resource exhaustion.
Mitigation Capabilities
Anycast: Yes, distributes fragmented traffic across nodes.
NGINX Proxy: No, not designed for fragmented traffic.
HAProxy: No, irrelevant for fragmented packets.
IDS Suricata: Yes, identifies fragmentation anomalies.
WAF: No, WAFs don’t process fragmented traffic.
OWASP Rules: No, not applicable to fragmented packets.
Complex anycast solution – WEDOS Global (or Cloudflare for example): Yes, mitigates fragmentation-based attacks.
Solutions
Use firewalls with fragmentation reassembly checks and IDS systems.
Why WEDOS Global?
WEDOS Global provides Anycast-powered edge protection that filters malicious traffic before it reaches your core systems. For DDoS types like Fragmentation Attack, WEDOS offers scalable global filtering combined with advanced detection strategies and 24/7 support.
Can WEDOS Global Help?
✅ WEDOS Global is highly effective against this attack due to global Anycast and intelligent filtering.