How to defend against a sync flood attack

Nick Lewis explains how to protect your organization from sync flood attacks.

Nick Lewis

What are some ways to protect against sync flood attacks?

A Sync flood attack, better known as a SYN attack, has its origins as one of the original types of distributed denial-of-service (DDoS) attacks and have not been significant threats to enterprises today. Most CERT advice from 1996 still applies to modern systems, but obviously many improvements have been made in the last 15 years.

A SYN attack is one where an attacker makes an initial connection to a victim computer and the victim computer waits for the completion of the connection. The attack is exploiting part of the three-way handshake in TCP for establishing reliable connections. When the initial connection is left open, it consumes resources on the victim computer until it runs out of connections or has other issues.

To protect against sync flood attacks, you have several options. The attacks can be detected by standard intrusion detection systems (IDS) and could also be blocked or minimized by built-in features in firewalls and other devices. Further protections could include lowering timeouts for how long a system waits for another system to complete the three-way handshake or having your ISP block the attacks.

This was last published in May 2010

Dig Deeper on DDoS attack detection and prevention

All
News
Get Started
Evaluate
Manage
Problem Solve

Related Q&A from Nick Lewis

What are the benefits and challenges of cloud penetration testing?

Cloud penetration testing presents new challenges for information security teams. Here's how a playbook from the Cloud Security Alliance can help ... Continue Reading

How can companies prevent and respond to island hopping attacks?

Island hopping attacks create enterprise risk by threatening their business affiliates. Here's how to create an incident response plan to mitigate ... Continue Reading

What are the best criteria to use to evaluate cloud service providers?

Many cloud providers are tight-lipped about internal security control details. Learn how to evaluate cloud security providers with certifications and... Continue Reading

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

Meet all of our Information Security experts

View all Information Security questions and answers

SearchCloudSecurity

Defining and evaluating SOC as a service

As cloud use increases, many enterprises outsource some security operations center functions. Evaluate if SOCaaS is the best ...

How to beef up S3 bucket security to prevent a breach

Security teams have plenty of tools at their disposal to help their organizations achieve and maintain S3 bucket security. Learn ...

How security teams benefit from traffic mirroring in the cloud

Enterprises with the resources to deploy traffic mirroring are gaining security benefits. Frank Siemons explains how traffic ...

SearchNetworking

Enterprises choosing SD-WAN routing over edge routers

Revenue from SD-WAN sales surged by 23% in the second quarter as enterprises opted to replace traditional edge routers with ...

Security, business agility kindle network automation adoption

IT teams are confused by the multiple automation strategies available, but they're still adopting automation with hopes it will ...

How to develop and implement a network security plan

When formulating a focused network security plan, you'll need to address specific questions about outbound traffic, user logins ...

SearchCIO

Cloud migration failures and how to prevent them

Companies are moving more applications than ever to the cloud, but many of these initiatives fail. Learn how to avoid making your...

Achieving business value from cognitive collaboration

CIOs can take advantage of AI to improve employee and customer collaboration with cognitive capabilities that are now available ...

3 ways to use quantum technology features in your enterprise

While quantum computers aren't available just yet, there are other properties to consider, such as quantum sensors and quantum ...

SearchEnterpriseDesktop

Troubleshoot Bluetooth connection problems in Windows 10

Bluetooth connection problems in Windows 10 are fairly common. Fortunately, there are a variety of troubleshooting steps that IT ...

HP Inc. laying off up to 9,000 workers in latest reorg plan

With its printer and printing supplies business fortunes continuing to slide, HP Inc. is undergoing a major reorganization that ...

AI sharpens unified endpoint management tools and apps

Endpoint management is never simple, but AI can help. In this handbook, learn how AI in UEM tools can significantly improve ...

SearchCloudComputing

5 Google Cloud tools you should know

As one of the top cloud vendors, Google provides a wide range of tools and services for its customers. Review five newer Google ...

Oracle Cloud Infrastructure to add 2,000 jobs in bid for growth

Oracle plans to hire 2,000 workers to boost Oracle Cloud Infrastructure IaaS. It’s part of an aggressive global expansion as ...

Dell Boomi platform adds API management, EDA support

The latest Boomi updates allow users to speed up implementation and allow IT pros to take better advantage of their data and ...

ComputerWeekly.com

Digital and innovation apprentices to start NatWest programme

NatWest is kicking off a tech apprentice programme, with its digital innovation hub set to play a key role

Future.now launch: Biggest barrier for digital skills is motivation

Digital sector must overcome its “image problem” to attract more people to learn new skills, says Lord Mayor at launch of digital...

NHS Digital brings in biometric login functionality

Two new libraries released to allow developers in the NHS to include functionality to digital services

Dig Deeper on DDoS attack detection and prevention

Related Q&A from Nick Lewis

Have a question for an expert?

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.