F5 GLOSSARY

Teardrop Attack

Implementations of TCP/IP differ slightly from platform to platform. With some operating systems there is a weakness in the handling of IP packets that can be exploited using a teardrop attack. In this attack, the client sends a packet of information that is intentionally malformed in a specific way to exploit the error that occurs when the packet is reassembled. The result could be a fatal crash in the operating system or application that handles the packet.

By default, the  F5 BIG-IP system handles these attacks correctly by precisely checking the incoming packet's frame alignment and discarding improperly formatted packets. In this way, teardrop packets are dropped and the attack is mitigated before the packets can pass into the protected network.


< Return to the glossary