Security Basics mailing list archives
Re: syn flooding attack and bandwidth consumation
From: "David J. Bianco" <bianco () jlab org>
Date: 05 Nov 2002 08:59:27 -0500
On Mon, 2002-11-04 at 04:58, SB CH wrote:
Hello, all. As you know, when I received smurf attack which is icmp based attack, the bandwidth is full. But when I receive syn flooding attack, the bandwidth is full or not? As my test, the syn and ayn+ack packet size is 0. So I think that the syn flooding attack has no relations with bandwith based attack? right?
This is basically true. A SYN flood is an attempt to fill up an internal table in your host's TCP/IP stack by repeatedly sending only the first stage of the three stage handshake protocol. Not only does this usually consume little bandwidth (these packets are small and it usually doesn't take many of them), but it's only effective against a single host. Other hosts probably continue to share the same network connection without error. You might have to worry about bandwidth if you were on a slow connection, like a dialup modem, but for DSL, Cable or anything faster, it's probably a non-issue. David -- David J. Bianco, GSEC GCUX <bianco () jlab org> Thomas Jefferson National Accelerator Facility GPG Fingerprint: 516A B80D AAB3 1617 A340 227A 723B BFBE B395 33BA The views expressed herein are solely those of the author and not those of SURA/Jefferson Lab or the US DOE.
Current thread:
- syn flooding attack and bandwidth consumation SB CH (Nov 04)
- Re: syn flooding attack and bandwidth consumation David J. Bianco (Nov 05)
- Re: syn flooding attack and bandwidth consumation hackerwacker (Nov 08)
- Re: syn flooding attack and bandwidth consumation Srecko Jovancevic (Nov 08)
- <Possible follow-ups>
- syn flooding attack and bandwidth consumation charles lindsay (Nov 05)
- RE: syn flooding attack and bandwidth consumation Benjamin Meade (Nov 09)