→ IP fragmentation is the process of breaking up a single Internet Protocol (IP) packet into multiple packets of smaller size. Every network link has a characteristic size of messages that may be transmitted, called the maximum transmission unit (MTU).
→ The support for fragmentation of larger packets provides a protocol allowing routers to fragment a packet into smaller packets when the original packet is too large for the supporting data link frames.
→ IP fragmentation exploits (attacks) use the fragmentation protocol within IP as an attack vector.
IP fragment over lapped:
The IP fragment overlapped exploit occurs when two fragments contained within the same IP packet have offsets that indicate that they overlap each other in positioning within the packet. This could mean that either fragment A is being completely overwritten by fragment B, or that fragment A is partially being overwritten by fragment B.
Overlapping fragments may also be used in an attempt to bypass Intrusion Detection Systems