Teardrop attacks exploit weaknesses in the recovery of IP packet fragments. During data transmission over the network , IP packets are often split into small parts. Each fragment looks like the original IP packet, with the difference that it contains an offset field that says, for example, "this fragment transmits the bytes in positions 200–400 of the original (non-fragmented) IP packet".
This DoS attack blocks the target computer by sending IP fragments. Fragmented IP packets with a negative fragment length are sent. Older versions of the IP fragment routines do not check this and return an error message for each such packet .
- Amrit Tiwana: Web Security. Digital Press, Boston et al. MA 1999, ISBN 1-555-58210-9 , page 65 online .