How to defend against a sync flood attack

Nick Lewis explains how to protect your organization from sync flood attacks.

Nick Lewis

What are some ways to protect against sync flood attacks?

A Sync flood attack, better known as a SYN attack, has its origins as one of the original types of distributed denial-of-service (DDoS) attacks and have not been significant threats to enterprises today. Most CERT advice from 1996 still applies to modern systems, but obviously many improvements have been made in the last 15 years.

A SYN attack is one where an attacker makes an initial connection to a victim computer and the victim computer waits for the completion of the connection. The attack is exploiting part of the three-way handshake in TCP for establishing reliable connections. When the initial connection is left open, it consumes resources on the victim computer until it runs out of connections or has other issues.

To protect against sync flood attacks, you have several options. The attacks can be detected by standard intrusion detection systems (IDS) and could also be blocked or minimized by built-in features in firewalls and other devices. Further protections could include lowering timeouts for how long a system waits for another system to complete the three-way handshake or having your ISP block the attacks.

This was last published in May 2010

Dig Deeper on DDoS attack detection and prevention

Related Q&A from Nick Lewis

What are the benefits and challenges of cloud penetration testing?

Cloud penetration testing presents new challenges for information security teams. Here's how a playbook from the Cloud Security Alliance can help ... Continue Reading

How can companies prevent and respond to island hopping attacks?

Island hopping attacks create enterprise risk by threatening their business affiliates. Here's how to create an incident response plan to mitigate ... Continue Reading

What are the best criteria to use to evaluate cloud service providers?

Many cloud providers are tight-lipped about internal security control details. Learn how to evaluate cloud security providers with certifications and... Continue Reading

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

Meet all of our Information Security experts

View all Information Security questions and answers

SearchCloudSecurity

Google Cloud security gets boost with Secret Manager

Google Cloud's new Secret Manager service augments its cloud security capabilities with an eye toward the needs of DevOps teams.

Microsoft misconfiguration exposed 250M customer service records

Microsoft exposed 250 million customer support records on five Elasticsearch servers that had misconfigured Azure security rules,...

Lyft's open source asset tracking tool simplifies security

Security teams need information and context about data in order to keep it safe. Learn how Cartography, Lyft's open source asset ...

SearchNetworking

Build a source of truth into your network automation strategy

Many network automation approaches rely on a source of truth repository to provide data on network behavior. But building this ...

SD-WAN explained: The ultimate guide to SD-WAN architecture

Evaluating SD-WAN architecture can be confusing, especially as the market grows. This guide helps IT pros learn SD-WAN basics, ...

VMware acquisition of Nyansa combines LAN, WAN analytics

The VMware acquisition of Nyansa is expected to provide network traffic analytics that cover the SD-WAN and the wired and ...

SearchCIO

How IoT, 5G, RPA and AI are opening doors to cybersecurity threats

In the second part of a series on CIOs preparing for cyberthreats in 2020, we look at how emerging technologies like IoT and the ...

Preparing for the new forms of cybersecurity threats in 2020

In the first part of a series on the new forms of cyberthreats in 2020, we're diving into the many infiltration points being ...

What is the state of CIO tenure today?

CIO tenure remains significantly lower than other C-suite positions, and according to experts, it's a result of the age of ...

SearchEnterpriseDesktop

Windows 7 sunset gives PC market a boost in 2019

Does the growth of the PC market in 2019 reflect an increased appetite for the devices? Experts discuss the PC's role in the ...

EG Enterprise v7 focuses on usability, user experience monitoring

New features in EG Enterprise v7, set to launch soon, enable simulated and real user monitoring, automated diagnosis and new ...

Managing Windows Defender Device Guard in Windows desktops

IT pros must understand how Windows Defender Device Guard uses a locked-down approach to desktop security and how this method ...

SearchCloudComputing

A look at AWS antipatterns: What not to do in the cloud

In this Q&A, Clive Harber, co-author of "Implementing Cloud Design Patterns for AWS," breaks down why traditional enterprises ...

5 cloud database comparison tips to guide your data strategy

Catch up on these tips that compare the strengths, weakness and available integrations of popular public cloud database and ...

Reduce cloud latency for remote employees and offices

Latency remains an issue for cloud users with remote facilities. See how SD-WAN and satellites can improve network performance ...

ComputerWeekly.com

UK in catch-22 decision over Huawei security

The UK’s final decision on whether to permit mobile operators to use Huawei equipment is expected imminently, and its decision ...

LV= rolls out smart speaker skill

General insurance firm says customers will receive answers to commonly asked questions by invoking the skill on Alexa or Google ...

Openreach connecting 26,000 premises a week to full-fibre network

UK national broadband infrastructure provider ramps up programme to deliver full-fibre to 200 locations, mainly towns and ...

How to defend against a sync flood attack

Nick Lewis explains how to protect your organization from sync flood attacks.

Dig Deeper on DDoS attack detection and prevention

7 TCP/IP vulnerabilities and how to prevent them

denial-of-service attack

How hackers use idle scans in port scan attacks

Europe in the firing line of evolving DDoS attacks

Related Q&A from Nick Lewis

What are the benefits and challenges of cloud penetration testing?

How can companies prevent and respond to island hopping attacks?

What are the best criteria to use to evaluate cloud service providers?

Have a question for an expert?

Start the conversation

0 comments

Please create a username to comment.

-ADS BY GOOGLE

SearchCloudSecurity

Google Cloud security gets boost with Secret Manager

Microsoft misconfiguration exposed 250M customer service records

Lyft's open source asset tracking tool simplifies security

SearchNetworking

Build a source of truth into your network automation strategy

SD-WAN explained: The ultimate guide to SD-WAN architecture

VMware acquisition of Nyansa combines LAN, WAN analytics

SearchCIO

How IoT, 5G, RPA and AI are opening doors to cybersecurity threats

Preparing for the new forms of cybersecurity threats in 2020

What is the state of CIO tenure today?

SearchEnterpriseDesktop

Windows 7 sunset gives PC market a boost in 2019

EG Enterprise v7 focuses on usability, user experience monitoring

Managing Windows Defender Device Guard in Windows desktops

SearchCloudComputing

A look at AWS antipatterns: What not to do in the cloud

5 cloud database comparison tips to guide your data strategy

Reduce cloud latency for remote employees and offices

ComputerWeekly.com

UK in catch-22 decision over Huawei security

LV= rolls out smart speaker skill

Openreach connecting 26,000 premises a week to full-fibre network

Dig Deeper on DDoS attack detection and prevention

7 TCP/IP vulnerabilities and how to prevent them

denial-of-service attack

How hackers use idle scans in port scan attacks

Europe in the firing line of evolving DDoS attacks

Related Q&A from Nick Lewis

Have a question for an expert?

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.