What is a SYN Attack?

June 5, 2017 | Views: 6587

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

A SYN attack is an exploit of the TCP/IP stack where by an attacker sends SYN packets and suppresses the SYN-ACK  packet. This type of attack can be volumetric where by the attacker sends a large amount of data to a link to  saturate the link . It can also be a trickle attack where the attack doesn’t  generate a lot of bandwidth but ties up the resources on the devices. See the below image for a example of  the process of a SYN-ATTACK.

SYN flood wikipedia

SYN Attacks

These attacks are a very common type of DDoS attack. The SYN-packet ties up a small amount of memory on the target’s computer or network device.

This is also known as a half open connection where the connection is not fully established since its still waiting for the fill handshake to occur.

These half open connections  can eventually exhaust the resources on the device. This will eventually leading to a crash.

Mitigation

To  mitigate this type of attack you can rate limit SYN-traffic per source  also you can use mechanisms such as MOD Evasive  fro Apache servers to protect  web servers.

For your Anti DDoS solution you may need to tweak settings if you are using NAT as its not unusual to see many SYN-packets  going to the single NAT address.

See the below video:


Follow or email me: www.seanmancini.com – sean@seanmancini.com

Share with Friends
FacebookTwitterLinkedInEmail
Use Cybytes and
Tip the Author!
Join
Share with Friends
FacebookTwitterLinkedInEmail
Ready to share your knowledge and expertise?
3 Comments
  1. Common guy, are you serious with your SYN,ACK,SYN+ACK ?

  2. Ouch, good catch thanks for reading my article and watching the video!

  3. TCP 3 way handshake is, SYN, SYN+ACK and ACK. Its shown wrongly in the video.

Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel