<div>
A Teardrop attack involves sending mangled IP fragments with overlapping, over-sized payloads to the target machine. This can crash various operating systems due to a bug in their TCP/IP fragmentation re-assembly code.[5] Windows 3.1x, Windows 95 and Windows NT operating systems, as well as versions of Linux prior to versions 2.0.32 and 2.1.63 are vulnerable to this attack.<br />
<br />
Around September 2009, a vulnerability in Vista was referred to as a &quot;teardrop attack&quot;, but the attack targeted SMB2 which is a higher layer than the TCP packets that teardrop used<br />

</div>


A Teardrop attack involves sending mangled IP fragments with overlapping, over-sized payloads to the target machine. This can crash various operating systems due to a bug in their TCP/IP fragmentation re-assembly code.[5] Windows 3.1x, Windows 95 and Windows NT operating systems, as well as versions of Linux prior to versions 2.0.32 and 2.1.63 are vulnerable to this attack.

Around September 2009, a vulnerability in Vista was referred to as a "teardrop attack", but the attack targeted SMB2 which is a higher layer than the TCP packets that teardrop used


<div>
yes I know the destination and source IP...so does that mean a fals positive?
</div>


yes I know the destination and source IP...so does that mean a fals positive?

<div>
Yeah, I would assume so and it's not really a threat to newer operating systems anyway.
</div>


Yeah, I would assume so and it's not really a threat to newer operating systems anyway.

<div>
<div class="content wysiwyg-content">
We have a juniper netscreen which has a VPN tunnel to/from ip 209.90.159.58 and I am seeing the following in the log files of the netscreen:<br />
<br />
Teardrop attack! From 209.90.159.58 to 209.90.159.60, proto 50 (zone Untrust, int ethernet3). Occurred 1 times.<br />
<br />
any information to help me determine why would be helpful
</div>
</div>


We have a juniper netscreen which has a VPN tunnel to/from ip 209.90.159.58 and I am seeing the following in the log files of the netscreen:

Teardrop attack! From 209.90.159.58 to 209.90.159.60, proto 50 (zone Untrust, int ethernet3). Occurred 1 times.

any information to help me determine why would be helpful

Teardrop attack

Networking is the process of connecting computing devices, peripherals and terminals together through a system that uses wiring, cabling or radio waves that enable their users to communicate, share information and interact over distances. Often associated are issues regarding operating systems, hardware and equipment, cloud and virtual networking, protocols, architecture, storage and management.