// THREAT DETECTION AND DATA PRIVACY TERM

SYN Flood

A SYN Flood is a type of denial-of-service (DoS) attack where an attacker rapidly sends many connection requests (SYN packets) to a server but never completes the connection. This overwhelms the server's ability to handle new connections, making it unavailable to legitimate users.

TECHNICAL DEFINITION

A SYN flood is a prevalent denial-of-service (DoS) attack exploiting the Transmission Control Protocol (TCP) three-way handshake by sending a rapid succession of SYN requests, often with spoofed source IP addresses, to a target server. This causes the server to allocate resources for half-open connections (SYN-RECEIVED state) awaiting an ACK that never arrives, exhausting its connection table and rendering it unable to process legitimate client requests.
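A defender can observe the half-open build-up described above directly in the kernel's socket table. The following is an added example, not part of the original page: it parses the Linux /proc/net/tcp format, counts SYN-RECEIVED entries per listening port, and flags ports where they outnumber established connections. The sample table is constructed, and the function names and thresholds are illustrative assumptions.

```python
import socket
import struct
from collections import defaultdict

ESTABLISHED, SYN_RECV = 0x01, 0x03  # Linux TCP state codes used in /proc/net/tcp

# Constructed sample in /proc/net/tcp layout (documentation addresses, not real traffic).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0A00000A:01BB 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001
   1: 0A00000A:01BB 0B00000A:D2F0 01 00000000:00000000 00:00000000 00000000    33        0 1002
   2: 0A00000A:01BB 076433C6:9C40 03 00000000:00000000 01:00000064 00000001     0        0 0
   3: 0A00000A:01BB 086433C6:9C41 03 00000000:00000000 01:00000064 00000001     0        0 0
   4: 0A00000A:01BB 057100CB:9C42 03 00000000:00000000 01:00000064 00000001     0        0 0
   5: 0A00000A:01BB 067100CB:9C43 03 00000000:00000000 01:00000064 00000001     0        0 0
   6: 0A00000A:0016 0B00000A:E1A4 01 00000000:00000000 00:00000000 00000000     0        0 1003
   7: 0A00000A:0016 0C00000A:E1A5 03 00000000:00000000 01:00000064 00000001     0        0 0
"""

def decode_addr(field):
    """'076433C6:9C40' -> ('198.51.100.7', 40000); assumes a little-endian host."""
    ip_hex, port_hex = field.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)

def half_open_stats(table_text):
    """Per local port: half-open count, established count, distinct remote IPs."""
    stats = defaultdict(lambda: {"half_open": 0, "established": 0, "sources": set()})
    for line in table_text.splitlines()[1:]:  # skip the column header
        fields = line.split()
        if len(fields) < 4:
            continue
        _, lport = decode_addr(fields[1])
        rip, _ = decode_addr(fields[2])
        state = int(fields[3], 16)
        if state == SYN_RECV:
            stats[lport]["half_open"] += 1
            stats[lport]["sources"].add(rip)  # spoofing shows up as many one-off sources
        elif state == ESTABLISHED:
            stats[lport]["established"] += 1
    return dict(stats)

def suspect_ports(stats, min_half_open=3, ratio=2.0):
    """Ports whose half-open entries reach both thresholds (illustrative values)."""
    return sorted(p for p, s in stats.items()
                  if s["half_open"] >= min_half_open
                  and s["half_open"] >= ratio * max(s["established"], 1))

if __name__ == "__main__":
    print(suspect_ports(half_open_stats(SAMPLE)))
```

On a live Linux host, pass the contents of /proc/net/tcp instead of SAMPLE and tune the thresholds to the service's normal connection rate.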

BACKGROUND

In computing, a denial-of-service attack is a cyberattack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to a network. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled. The range of attacks varies widely, from inundating a server with millions of requests to slow its performance, to overwhelming a server with a substantial amount of invalid data, to submitting requests with an illegitimate IP address.

SYNONYMS & ALIASES

  • TCP SYN flood
  • SYN attack
  • Half-open attack
  • DoS SYN flood

USAGE NOTE

This classic DoS technique is frequently used to disrupt web servers, network services, and other internet-facing applications by consuming their connection resources.

DEVELOPERS

Organizations developing technology related to SYN Flood.

  • Akamai Technologies

    Akamai offers comprehensive cloud security solutions, including advanced DDoS protection services specifically designed to detect and mitigate SYN flood attacks, ensuring availability and performance for online businesses.

  • Cloudflare

    Cloudflare provides a global network that offers robust DDoS mitigation, protecting websites and network infrastructure from various attacks, including SYN floods, through its advanced traffic filtering and security services.

  • Radware

    Radware specializes in application delivery and cybersecurity solutions, offering dedicated DDoS attack prevention that includes sophisticated techniques to detect, analyze, and block SYN flood traffic in real-time.

  • Netscout

    Through its Arbor DDoS solutions, Netscout provides network-wide visibility and advanced DDoS attack protection, specifically addressing volumetric attacks like SYN floods at the internet-edge and within enterprise networks.

  • F5 Networks

    F5 Networks provides application delivery and security solutions, including comprehensive DDoS protection within its BIG-IP platform, designed to identify and neutralize SYN flood attacks to maintain application availability.

  • Imperva

    Imperva offers a full stack of application and data security solutions, including advanced DDoS protection services that defend against various attack types, such as SYN floods, to safeguard critical online assets.

  • Fortinet

    Fortinet delivers broad, integrated, and automated cybersecurity solutions, including FortiGate firewalls and FortiDDoS appliances, which incorporate capabilities for detecting and mitigating SYN flood attacks as part of their advanced threat protection.
