SYN Flood DoS Attack Explained


What is a SYN Flood DoS Attack?

When two devices first create a TCP connection via the TCP three-way handshake, the client machine sends what is called a SYN request to the server. The server then responds with a SYN/ACK, and so forth; this creates a TCP connection between the client machine and the host machine (see my quick deep dive article on that here). In this type of Denial of Service attack, the attacker floods the target machine with SYN requests, so that eventually the host machine can't form any more TCP connections and crashes.

Prevention

A SYN Flood DoS Attack can be prevented by rate limiting the number of concurrent SYN requests from a specific IP. In a SYN Flood DDoS Attack, however, this method of prevention becomes more or less useless as the number of attacking IPs increases.
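
The limitation described above, shown as an added example (not code from the original article): a per-source sliding-window SYN limiter run over constructed traffic, once from a single source and once spread across many sources. The class name, the limit of 20 SYNs per second, and the sample addresses are assumptions made for the illustration.

```python
from collections import defaultdict, deque


class PerSourceSynLimiter:
    """Sliding-window limiter: at most `limit` SYNs per source IP per `window` seconds."""

    def __init__(self, limit, window):
        self.limit = limit
        self.window = window
        self.seen = defaultdict(deque)  # source IP -> timestamps of accepted SYNs

    def allow(self, src_ip, ts):
        q = self.seen[src_ip]
        # Forget accepted SYNs that have aged out of the window.
        while q and ts - q[0] >= self.window:
            q.popleft()
        if len(q) >= self.limit:
            return False  # this source is over its budget: drop the SYN
        q.append(ts)
        return True


def run(events, limit=20, window=1.0):
    """Feed (timestamp, src_ip) SYN events through the limiter.

    Returns (accepted, dropped).
    """
    limiter = PerSourceSynLimiter(limit, window)
    accepted = sum(limiter.allow(ip, ts) for ts, ip in events)
    return accepted, len(events) - accepted


# Constructed traffic: 2000 SYNs arriving within one second in both cases.
# One source sending all 2000 (addresses are constructed sample values).
single_source = [(i / 2000, "198.51.100.7") for i in range(2000)]
# The same 2000 SYNs spread over 200 sources, 10 SYNs each.
distributed = [(i / 2000, f"10.0.0.{i % 200}") for i in range(2000)]

if __name__ == "__main__":
    print("single source (accepted, dropped):", run(single_source))
    print("distributed   (accepted, dropped):", run(distributed))
```

With the same total volume, the single source is cut to its 20-SYN budget, while every distributed source stays under the per-IP limit and all 2000 SYNs reach the server.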

Walter Miely is a tech entrepreneur and CEO of Phoenix Ignited Tech. You can find him on LinkedIn. This material is licensed under the CC BY 4.0 License. LEGAL DISCLAIMER: The content provided here is provided AS IS, and part of, or the entirety of, this content may be incorrect. Please read the entire Legal Disclaimer here.