The IT Law Wiki

SYN flood

32,062pages on
this wiki
Add New Page
Add New Page Talk0

Definition Edit

SYN flood (or SYN flood attack) is

[a] denial-of-service attack that sends a large number of TCP SYN (synchronize) packets to a host with the intent of disrupting the operation of that host.[1]

Overview Edit

"In normal data exchange, a SYN packet is sent from computer A to computer B. In return, computer B will send a SYN/ACK packet to computer A. Then, computer A will send an ACK packet to computer B, establishing a connection. In a SYN flood attack, an intruder will send a SYN packet from computer A to computer B, but the intruder spoofs the source address of a non-existent system. Spoofing means gaining unauthorized access to a machine by pretending to be someone from a trusted site. Computer B will attempt to send a SYN/ACK to a non-existent system, causing a back-logged queue of connection attempts from computer B to computer A. The intruder can eventually disable a port or service just by sending a few SYN packets."[2]

References Edit

  1. Internet Security Glossary, at 296.
  2. A New Evolution in Hack Attacks: A General Overview of Types, Methods, Tools, and Prevention, at 5.

See also Edit

Also on Fandom

Random Wiki