Direct Denial-Of-Service Attack 2

• SYN Flooding

  • Subverts the TCP/IP 3-way handshake
    • SYN / ACK / ACK
  • Hard to trace
    • Each SYN has a different return address.
  • Defenses now well understood
    • Ignore SYNs from impossible addresses.
    • Large buffer pools (10 ? 1024)
    • Random drop, Oldest drop.

Previous slide

Next slide

Back to first slide

View graphic version