Big4Guy

One of the common types of denial of service attacks includes the SYN Flood Attack. Below is a short explanation on how this type of attack is perpretrated.

SYN Attack

Syn attack is another type of Denial of Service attack. This type of attack exploits the buffer space available between the client and server for exchanging messages. Thus, when a session is initiated between the Transmission Control Program (TCP) client and server in a network, a very small buffer space exists to handle the usually rapid 'handshaking' exchange of messages that set up the session. The session -establishing packets include a SYN field that identifies the sequence in the message exchange. The attacker exploits this by sending a number of connection requests very rapidly and then fails to respond to the reply. This attack leaves the first packet in the buffer so that other, legitimate connection requests can’t be accommodated. Although the packet in the buffer is dropped after a certain period of time without a reply, the effect of receiving many of these bogus connection requests is to make it difficult for legitimate requests for a session to get established. A SYN attack can be controlled by providing correct settings in the operating system, tuning the size of the buffer and the timeout period. This can be easily configured by the network administrator and can help prevent a SYN attack.