How to defend against a sync flood attack

Nick Lewis explains how to protect your organization from sync flood attacks.

Nick Lewis

What are some ways to protect against sync flood attacks?

A Sync flood attack, better known as a SYN attack, has its origins as one of the original types of distributed denial-of-service (DDoS) attacks and have not been significant threats to enterprises today. Most CERT advice from 1996 still applies to modern systems, but obviously many improvements have been made in the last 15 years.

A SYN attack is one where an attacker makes an initial connection to a victim computer and the victim computer waits for the completion of the connection. The attack is exploiting part of the three-way handshake in TCP for establishing reliable connections. When the initial connection is left open, it consumes resources on the victim computer until it runs out of connections or has other issues.

To protect against sync flood attacks, you have several options. The attacks can be detected by standard intrusion detection systems (IDS) and could also be blocked or minimized by built-in features in firewalls and other devices. Further protections could include lowering timeouts for how long a system waits for another system to complete the three-way handshake or having your ISP block the attacks.

This was last published in May 2010

Dig Deeper on DDoS attack detection and prevention

All
News
Get Started
Evaluate
Manage
Problem Solve

Related Q&A from Nick Lewis

What are the top enterprise email security best practices?

Enterprises have many options for email security best practices, ranging from deploying email security protocols to educating end users on the ... Continue Reading

What is a port scan attack?

Cyberattacks often begin with a port scan attack, which attackers use to find exploitable vulnerabilities on targeted systems. Learn how they work ... Continue Reading

How can I detect fileless malware attacks?

Monitoring process memory is one way to combat fileless malware attacks. Here's what you can do to protect your network against these campaigns. Continue Reading

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

Meet all of our Information Security experts

View all Information Security questions and answers

SearchCloudSecurity

3 reasons privilege escalation in the cloud works

Statistics show that many cloud attacks are linked to credential and privilege misuse. Learn three ways threat actors are able to...

McAfee Database Security to improve Amazon RDS cloud security

With its latest release, McAfee intends to improve Amazon RDS security and prevent cyberattacks with its new McAfee Database ...

How best to secure cloud computing in this critical era

Achieving cloud security today demands you continually update your strategy, policy, tactics and tools. This collection of expert...

SearchNetworking

Edge computing and IoT combine to reshape the network

Enterprises are examining edge computing and IoT in a new light to determine the best way to process and transmit the mountain of...

What is NetOps? Start with these 5 common questions

This compilation is an essential starting point for NetOps novices. These five common questions explore what NetOps is, how it ...

5G and SD-WAN could provide reliable, alternate connectivity

5G and SD-WAN could develop into an alternative connectivity option that offers high speeds and low latency to geographic areas ...

SearchCIO

CIOs need a strategy for AR and VR use cases -- now

CIOs need to start thinking about AR and VR and other immersive technologies as the new enterprise UI.

AI in IT infrastructure transforms how work gets done

Cutting through the hype around AI has become a major job for IT leaders. Our in-depth guide on where and how to add AI to your ...

RPA use cases that take RPA to next level

Taking RPA use cases to the next level entails automating complex processes, establishing a governance program and using ...

SearchEnterpriseDesktop

Apica introduces desktop application performance monitoring tool

Designed for Windows desktop applications, Apica's Desktop Application Check intends to increase visibility and boost desktop ...

How to boot to Windows Safe Mode on Windows 10

Having problems with Windows crashes, applications or performance issues? Try booting to Windows Safe Mode on Windows 10 to ...

Evan launches customer experience SaaS platform for IT help

IT support vendor Evan introduced an automated SaaS offering for large businesses. Evan360 intends to connect users with IT ...

SearchCloudComputing

Microsoft Azure Bastion service seeks to secure VMs

Microsoft's Azure Bastion managed service provides a means for companies to remotely access their VMs without touching the public...

HPE GreenLake composable cloud services get a boost

HPE's latest products support hybrid cloud strategies by allowing users to tie composable and hyper-converged infrastructure ...

5 tips to right-size your cloud instances and VMs

Improperly sized cloud instances and VMs can wreak havoc on your budget and decrease performance. Delve deeper into right-sizing ...

ComputerWeekly.com

How AirAsia streamlined its customer service

Integrating multiple customer touch points with Salesforce has enabled Asia’s leading low-cost carrier to shorten waiting time ...

Lloyds Bank uses community effort to push out DevOps

The developers and IT operations teams were once separate. Now they are one. The challenge is getting this to scale across the ...

NetApp ports services to NetApp HCI for multi-cloud storage

NetApp will debut multi-cloud services on its NetApp HCI hyper-converged platform, with the first being its Kubernetes ...

Dig Deeper on DDoS attack detection and prevention

Related Q&A from Nick Lewis

Have a question for an expert?

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.