CAPEC 494 TCP Fragmentation

This Attack May Be Mitigated By Enforcing Rules At The Router Following The Guidance Of Rfc1858. The Essential Part Of The Guidance Is Creating The Following Rule "If Fo=1 And Protocol=Tcp Then Drop Packet" As This Mitigated Both Tiny Fragment And Overlapping Fragment Attacks In Ipv4. In Ipv6 Overlapping(Rfc5722) Additional Steps May Be Required Such As Deep Packet Inspection. The Delayed Fragments May Be Mitigated By Enforcing A Timeout On The Transmission To Receive All Packets By A Certain Time Since The First Packet Is Received. According To Rfc2460 Ipv6 Implementations Should Enforce A Rule To Discard All Fragments If The Fragments Are Not All Received Within 60 Seconds Of The First Arriving Fragment.