top button
Flag Notify
    Connect to us
      Site Registration

Site Registration

what is SYN flood ?

0 votes
218 views
what is SYN flood ?
posted Sep 25, 2013 by Ganesh Kumar

Share this question
Facebook Share Button Twitter Share Button LinkedIn Share Button
A SYN flood is a form of denial-of-service attack in which an attacker sends a succession of SYN requests to a target's system in an attempt to consume enough server resources to make the system unresponsive to legitimate traffic.

1 Answer

+1 vote
 
Best answer

SYN is an initial packet send by TCP client to TCP server. In response, TCP server sends SYN-ACK and wait for ACK from TCP client. It might be happened a fake/forged TCP client is keeping sending SYN and receiving SYN-ACK from TCP server but not sending ACK to TCP server. In that case, server will be busy and it might not be able to serve any genuine TCP client. That is the situation called "SYN flood".

answer Sep 25, 2013 by Vikram Singh
Similar Questions
+1 vote

We have 2 servers.
Server1 has a apache.
Server2 has a tomcat.

Now we see there are many syn recv connection via "netstat -ant". These kinds of connection are running out the CPU.

We googled it and found it looks like of syn recv attack.

So I just want to know:
1. How to verify it DOES is a syn recv attack?
2. Is there any way to fight against these kind of connections? Can I do some configuration at Apache?
3. Because our server1 is deployed at a cloud center. I guess these cloud center should also be attack?

0 votes

I know subnet mask is used to separate network byte and host byte but what if my subnet mask is not configured properly.

E.g.
In my environment i need to use 255.255.254.0 as a subnet but i mistakenly configured 255.255.252.0 but still I am able to receive and send data from my system, Then what is the use of using correct subnet?

0 votes

I heard this term many times. I want to understand how it works and where exactly it is used mainly in the context of cloud computing ?

...