Teardrop Attack

Implementations of TCP/IP differ slightly from platform to platform. With some operating systems there is a weakness in the handling of IP packets that can be exploited using a teardrop attack. In this attack, the client sends a packet of information that is intentionally malformed in a specific way to exploit the error that occurs when the packet is reassembled. The result could be a fatal crash in the operating system or application that handles the packet.

By default the F5 BIG-IP system handles these attacks correctly by precisely checking the incoming packet's frame alignment and discarding improperly formatted packets. In this way teardrop packets are dropped and the attack is mitigated before the packets can pass into the protected network.


Connect with F5

F5 Labs

The latest in application threat intelligence.


The F5 community for discussion forums and expert articles.

F5 Newsroom

News, F5 blogs, and more.