How to defend against a sync flood attack

Nick Lewis explains how to protect your organization from sync flood attacks.

Nick Lewis

What are some ways to protect against sync flood attacks?

A Sync flood attack, better known as a SYN attack, has its origins as one of the original types of distributed denial-of-service (DDoS) attacks and have not been significant threats to enterprises today. Most CERT advice from 1996 still applies to modern systems, but obviously many improvements have been made in the last 15 years.

A SYN attack is one where an attacker makes an initial connection to a victim computer and the victim computer waits for the completion of the connection. The attack is exploiting part of the three-way handshake in TCP for establishing reliable connections. When the initial connection is left open, it consumes resources on the victim computer until it runs out of connections or has other issues.

To protect against sync flood attacks, you have several options. The attacks can be detected by standard intrusion detection systems (IDS) and could also be blocked or minimized by built-in features in firewalls and other devices. Further protections could include lowering timeouts for how long a system waits for another system to complete the three-way handshake or having your ISP block the attacks.

This was last published in May 2010

How to defend against a sync flood attack

Nick Lewis explains how to protect your organization from sync flood attacks.

Dig Deeper on DDoS attack detection and prevention

7 TCP/IP vulnerabilities and how to prevent them

denial-of-service attack

How hackers use idle scans in port scan attacks

Europe in the firing line of evolving DDoS attacks

Related Q&A from Nick Lewis

What are the benefits and challenges of cloud penetration testing?

How can companies prevent and respond to island hopping attacks?

What are the best criteria to use to evaluate cloud service providers?

Start the conversation

0 comments

Please create a username to comment.

-ADS BY GOOGLE

SearchCloudSecurity

Top 6 cloud security analytics use cases

McAfee: Attacks on cloud accounts up 630% during COVID-19

Use these CCSK practice questions to prep for the exam

SearchNetworking

Cisco DNA Center's new features may mean more user headaches

Tips for setting up a home network

MLB uses NetBox automation for network configuration backup

SearchCIO

5 edge computing vendors for CIOs to watch

Now is the time to revisit and adjust your cloud strategy

Know how to secure your home network while working from home

SearchEnterpriseDesktop

New Quest Kace products make UEM easier for IT admins

New HP hardware directed at remote work

Ivanti updates its unified endpoint management

SearchCloudComputing

How to apply serverless in front-end cloud computing

AWS Marketplace update eases SaaS contract changes

AWS, Microsoft and Google should retire these cloud services

ComputerWeekly.com

NHS Covid-19 datastore contracts published under pressure from privacy groups

Third of UK internet users report worse service since lockdown

Businesses develop apps quickly to manage disruption of Covid-19