ICMP Fragmented Flood is a DDoS technique that targets system availability by overloading infrastructure. This page explains the attack, mitigation capabilities, and the role of WEDOS Global.
Description
Uses fragmented ICMP packets to overwhelm the target’s reassembly processes.
Mitigation Capabilities
Anycast: Yes, disperses fragmented ICMP traffic.
NGINX Proxy: No, not designed for ICMP traffic.
HAProxy: No, irrelevant for fragmented ICMP.
IDS Suricata: Yes, identifies fragmented ICMP traffic patterns.
WAF: No, irrelevant for ICMP traffic.
OWASP Rules: No, unrelated to ICMP fragmentation threats.
Complex anycast solution – WEDOS Global (or Cloudflare for example): Yes, mitigates fragmented ICMP attacks.
Solutions
Use firewalls and IDS systems to monitor and block fragmented ICMP traffic.
Why WEDOS Global?
WEDOS Global provides Anycast-powered edge protection that filters malicious traffic before it reaches your core systems. For DDoS types like ICMP Fragmented Flood, WEDOS offers scalable global filtering combined with advanced detection strategies and 24/7 support.
Can WEDOS Global Help?
✅ WEDOS Global is highly effective against this attack due to global Anycast and intelligent filtering.