A ping of death is a Layer 3 (network) attack vector, one of the malformed-packet classes a thorough DDoS test is built to exercise. The attacker sends an ICMP echo request whose reassembled size exceeds the maximum legal IP packet length of 65,535 bytes, delivered as fragments. A vulnerable host that does not bound the reassembly buffer overflows it when stitching the fragments back together, causing a crash, hang, or reboot. A single malformed packet can take a system down, making it a denial-of-service primitive rather than a volumetric flood.
Why it matters in DDoS testing
Modern kernels validate reassembly length, so the classic ping of death is largely historical, but the underlying class (malformed and oversized fragments) recurs in new forms whenever a parser mishandles edge cases. A test confirms that fragment-handling and packet-validation paths reject malformed input rather than crash, especially after kernel or appliance firmware changes. The malformed-packet family is detailed in Understanding DDoS Attack Vectors.