 |
| - A - |
| - B - |
| - C - |
| - D - |
| - E - |
| - F - |
| - G - |
| - H - |
| - I - |
| - J - |
| - K - |
| - L - |
| - M - |
| - N - |
| - O - |
| - P - |
| - Q - |
| - R - |
| - S - |
| - T - |
| - U - |
| - V - |
| - W - |
| - X - |
| - Y - |
| - Z - |
SYN Flood
SYN Flood
A SYN (synchronize) flood occurs when an attacker forwards a succession of SYN requests to a targeted operating system. When a client attempts to initiate a TCP connection to a server, both the client and the server exchange a series of messages - below is an example of that exchange:
1. The client requests the connection to the server by forwarding a SYN message
2. The server acknowledges the request and returns a SYN-ACK to the client
3. The client responds to the ACK and a connection is established
This exchange of messages is known as the TCP three-way handshake, the foundation of every successful connection that uses TCP protocol.
While SYN is a well known attack, it is not very effective against modern computer networks. It only works if a server allocates resources following a SYN request, and before the ACK has been received. The best counterattack against a SYN flood is using SYN cookies or limiting the number of connections from unknown sources over a fixed time period.