A TCP SYN flood is a type of denial-of-service (DoS) or distributed denial-of-service (DDoS) attack that can overwhelm a server with a large number of SYN requests. In a SYN flood, the server never receives the acknowledgment (ACK) from the requesting client, which forces the server to continue with the SYN/ACK reply.
While waiting for a reply from the client, the server consumes a lot of resources, which makes it unresponsive to legitimate traffic.
Here’s a diagram that explains how this attack takes place:
How do you prevent a SYN flood attack?
- Use solutions that offer visibility into your entire network, so that you can monitor and analyze traffic patterns.
- Use IPS and IDS to identify and analyze malicious traffic patterns.
- Keep all networking equipment updated and properly maintained.
jnmakuru Changed status to publish March 29, 2023
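
To illustrate the traffic-pattern monitoring recommended above, this added example (not part of the original page) tracks TCP handshakes in flow records and flags services where most SYNs are never followed by the client's ACK. The record format, the thresholds and the function names are assumptions made for the example, and the sample records are constructed.

```python
from collections import defaultdict

def build_sample():
    """Constructed flow records: '<ms> <src_ip:port> <dst_ip:port> <flags>'."""
    lines = []
    for i in range(5):  # legitimate client: SYN, SYN/ACK and ACK all present
        t, c, s = i * 1000, f"198.51.100.7:{40000 + i}", "192.0.2.10:443"
        lines += [f"{t} {c} {s} S", f"{t + 10} {s} {c} SA", f"{t + 20} {c} {s} A"]
    for i in range(200):  # flood pattern: many sources send a SYN and never ACK
        lines.append(f"{2000 + i * 10} 203.0.113.{i + 1}:{1024 + i} 192.0.2.10:443 S")
    # Second service with a single lost handshake, which is normal background noise
    lines.append("3000 198.51.100.9:50000 192.0.2.20:80 S")
    return lines

def find_syn_floods(lines, now_ms, timeout_ms=1000, min_half_open=50, min_ratio=0.8):
    """Return {service: stats} for services whose handshakes mostly never complete.
    The default thresholds are illustrative assumptions, not recommended values."""
    syns = defaultdict(int)   # SYNs received per service
    pending = {}              # (client, service) -> time of first unanswered SYN
    for line in lines:
        ts, src, dst, flags = line.split()
        if flags == "S":
            syns[dst] += 1
            pending.setdefault((src, dst), int(ts))
        elif flags == "A":    # client's final ACK: the handshake completed
            pending.pop((src, dst), None)
    half_open = defaultdict(set)
    for (src, dst), ts in pending.items():
        if now_ms - ts >= timeout_ms:   # still unanswered after the timeout
            half_open[dst].add(src)
    alerts = {}
    for dst, clients in half_open.items():
        ratio = len(clients) / syns[dst]
        if len(clients) >= min_half_open and ratio >= min_ratio:
            sources = {c.rsplit(":", 1)[0] for c in clients}
            alerts[dst] = {"syns": syns[dst], "half_open": len(clients),
                           "sources": len(sources), "ratio": round(ratio, 2)}
    return alerts

if __name__ == "__main__":
    print(find_syn_floods(build_sample(), now_ms=10000))
```

The single unfinished handshake to the second service stays below both thresholds, so only the flooded service is reported.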