The canonical example of an attack that goes after TCP/IP implementation weaknesses is the Ping of Death attack. In this exploit, your enemy creates an IP packet that exceeds the IP standard's maximum 65,536-byte size. When this bloated packet arrives it crashes systems that are using a vulnerable TCP/IP stack and operating system.
All modern operating systems and stacks are immune to the Ping of Death attack, but older Unix systems may still be vulnerable.
Another attack that relies on poor TCP/IP implementation is Teardrop, which exploits defects in the way systems reassemble IP packet fragments. On their way from hither to yon on the Internet, an IP packet may be broken up into smaller pieces. Each of these still has the original IP packet's header, as well as an offset field that identifies which bytes of the original packet it contains. With this information, an ordinary broken packet is reassembled at its destination and network continues uninterrupted. When a Teardrop attack hits, your server is bombarded with IP fragments that have overlapping offset fields. If your server or router can't disregard these fragments and attempts to reassemble them, your box will go castors up quickly. If your systems are up-to-date, or if you have a firewall that blocks Teardrop packets, you shouldn't have any trouble.
