SYN flood attack

SYN flood attack

An assault on a network that prevents a TCP/IP server from servicing other users. It is accomplished by not sending the final acknowledgment to the server's SYN-ACK response (SYNchronize-ACKnowledge) in the handshaking sequence, which causes the server to keep signaling until it eventually times out. The source address from the client is, of course, counterfeit. SYN flood attacks can either overload the server or cause it to crash. See denial of service attack.
References in periodicals archive ?
In a SYN Flood attack, for example, the invader sends enough SYN requests to a company's system to consume server resources and stall legitimate traffic.
As a result, the node produce larger number of half-open states and also SYN flood attack impacts can be reduced.
A TCP SYN flood attack occurs when an attacker sends multiple TCP SYN requests to a VoIP gateway or call manager system, causing a resource exhaustion condition in the TCP/IP stack of that system.
For example, in a SYN flood attack, packets are sent to a target using spoofed (fake) IP source addresses.
Under a TCP SYN flood attack, Secure64 DNS responded to nearly 100 percent of legitimate queries until attack traffic reached approximately 300 Mbps (300,000 SYNs and ACKs per second), and then degraded slowly to 51 percent availability when line saturation occurred at 550 Mbps.
Bi-directional network latency of UDP packets is measured under three test conditions: with no load, with 500 Mbps of HTTP traffic (or half the rated load of the device if this is less than 1 Gbps), and while the device is under a heavy SYN flood attack (up to 10% of the rated throughput of the sensor).
Tests show that the IPS 5500 was able to block high-volumes of SYN Flood attack packets without degrading the performance of the legitimate traffic.
The DoS attacks included a SYN Flood attack and Idle Connection attack, and was judged on a pass or fail basis.
If not stopped quickly, the SYN flood attack will consume system resources until the target system becomes unstable or crashes.
The SYN flood attack exposes a gaping hold in Internet security which must be fixed rapidly," said Chris Schefler, president and co-founder of WebCom.