How to defend against a sync flood attack

Nick Lewis explains how to protect your organization from sync flood attacks.

Nick Lewis

What are some ways to protect against sync flood attacks?

A Sync flood attack, better known as a SYN attack, has its origins as one of the original types of distributed denial-of-service (DDoS) attacks and have not been significant threats to enterprises today. Most CERT advice from 1996 still applies to modern systems, but obviously many improvements have been made in the last 15 years.

A SYN attack is one where an attacker makes an initial connection to a victim computer and the victim computer waits for the completion of the connection. The attack is exploiting part of the three-way handshake in TCP for establishing reliable connections. When the initial connection is left open, it consumes resources on the victim computer until it runs out of connections or has other issues.

To protect against sync flood attacks, you have several options. The attacks can be detected by standard intrusion detection systems (IDS) and could also be blocked or minimized by built-in features in firewalls and other devices. Further protections could include lowering timeouts for how long a system waits for another system to complete the three-way handshake or having your ISP block the attacks.

This was last published in May 2010

How to defend against a sync flood attack

Nick Lewis explains how to protect your organization from sync flood attacks.

Dig Deeper on DDoS attack detection and prevention

7 TCP/IP vulnerabilities and how to prevent them

denial-of-service attack

How hackers use idle scans in port scan attacks

Europe in the firing line of evolving DDoS attacks

Related Q&A from Nick Lewis

Explore benefits and challenges of cloud penetration testing

What are the best criteria to use to evaluate cloud service providers?

What is the best way to write a cloud security policy?

SearchCloudSecurity

Google forms cyber insurance pact with Allianz, Munich Re

Dispelling 4 of the top cloud security myths today

Guide to cloud security management and best practices

SearchNetworking

Cisco completes $4.5 billion Acacia deal

5 steps to conduct network penetration testing

5 benefits of Wi-Fi 6 for enterprise networks

SearchCIO

Racial, gender diversity in tech improving at a glacial pace

The future of trust must be built on data transparency

What are the advantages and disadvantages of RPA?

SearchEnterpriseDesktop

Microsoft makes Productivity Score useful to tech buyers

Microsoft makes Universal Print generally available

Microsoft bolsters data security in 365

SearchCloudComputing

Microsoft ACS going GA with preview of Teams integration

Modernize and migrate mainframe apps to the cloud

How to create snapshots for Azure VMs and managed disks

ComputerWeekly.com

T-Mobile targets post-pandemic workplace with remote working suite

Connectivity the ‘unsung hero’ of the future of work

Williams F1 car launch disrupted by data leak