A SYN attack is one where an attacker makes an initial connection to a victim computer and the victim computer...
waits for the completion of the connection. The attack is exploiting part of the three-way handshake in TCP for establishing reliable connections. When the initial connection is left open, it consumes resources on the victim computer until it runs out of connections or has other issues.
To protect against sync flood attacks, you have several options. The attacks can be detected by standard intrusion detection systems (IDS) and could also be blocked or minimized by built-in features in firewalls and other devices. Further protections could include lowering timeouts for how long a system waits for another system to complete the three-way handshake or having your ISP block the attacks.
Related Q&A from Nick Lewis
As the Angler exploit kit evolves and adopts new functionality, it's becoming harder to detect and defend against. Enterprise threats expert Nick ...continue reading
A proof-of-concept attack on Apple's Siri allowed researchers to steal data from iOS. Learn more about the iStegSiri attack and how to defend against...continue reading
A new global email scam has cost enterprises millions. Expert Nick Lewis explains how to defend against man-in-the-email attacks with proper training...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.