The IT Law Wiki

SYN flood

32,299pages on
this wiki
Add New Page
Talk0 Share

Definition Edit

SYN flood (or SYN flood attack) is

[a] denial-of-service attack that sends a large number of TCP SYN (synchronize) packets to a host with the intent of disrupting the operation of that host.[1]

Overview Edit

"In normal data exchange, a SYN packet is sent from computer A to computer B. In return, computer B will send a SYN/ACK packet to computer A. Then, computer A will send an ACK packet to computer B, establishing a connection. In a SYN flood attack, an intruder will send a SYN packet from computer A to computer B, but the intruder spoofs the source address of a non-existent system. Spoofing means gaining unauthorized access to a machine by pretending to be someone from a trusted site. Computer B will attempt to send a SYN/ACK to a non-existent system, causing a back-logged queue of connection attempts from computer B to computer A. The intruder can eventually disable a port or service just by sending a few SYN packets."[2]

References Edit

  1. Internet Security Glossary, at 296.
  2. A New Evolution in Hack Attacks: A General Overview of Types, Methods, Tools, and Prevention, at 5.

See also Edit

Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.

Also on Fandom

Random Wiki