Teardrop attack

Ask a question

Fragment attack

A "fragment attack" is a network saturation (denial-of-service) attack that exploits the fragmentation principle of the IP protocol.

The IP protocol is used to fragment large packets into several IP packets each having a sequence number and a common identification number. When receiving data, the recipient reassembles the packets thanks to the offset values they contain.

The most famous fragment attack is the Teardrop attack. The principle of the Teardrop attack involves inserting false offset information into fragmented packets. As a result, during reassembly, there are empty or overlapping fragments that can cause the system to be unstable.

Recent systems are no longer vulnerable to this attack.

More information

Jean-François Pillou

CCM is a leading international tech website. Our content is written in collaboration with IT experts, under the direction of Jeff Pillou, founder of CCM.net. CCM reaches more than 50 million unique visitors per month and is available in 11 languages.

Learn more about the CCM team

Related

Latest update on October 16, 2008 at 09:43 AM by Jean-François Pillou.

This document, titled "Teardrop attack," is available under the Creative Commons license. Any copy, reuse, or modification of the content should be sufficiently credited to CCM (https://ccm.net/).