Security Basics mailing list archives
RE: syn flooding attack and bandwidth consumation
From: "Benjamin Meade" <ben () lanwest com au>
Date: Tue, 5 Nov 2002 10:11:53 +0800
When a server receives a syn packet on an open port, it sends back a syn/ack packet, and then allocates a certain amount of server resources to handle the client request. A syn flood only sends syn packets, and will not reply with an ack after the server sends back its syn/ack. The theory behind the attack is to force the server to allocate all its resources to the bogus requests. It requires relatively few syn packets to flood the server, and so your bandwidth usually will not be flooded, just the server. Note that although a syn attack does not *need* to consume all of your bandwidth to flood your server, there is nothing to stop overkill on the syn packets flooding your network anyway. Benjamin Meade Systems Administrator LanWest Pty Ltd
Current thread:
- syn flooding attack and bandwidth consumation SB CH (Nov 04)
- Re: syn flooding attack and bandwidth consumation David J. Bianco (Nov 05)
- Re: syn flooding attack and bandwidth consumation hackerwacker (Nov 08)
- Re: syn flooding attack and bandwidth consumation Srecko Jovancevic (Nov 08)
- <Possible follow-ups>
- syn flooding attack and bandwidth consumation charles lindsay (Nov 05)
- RE: syn flooding attack and bandwidth consumation Benjamin Meade (Nov 09)