|
|
|
The SYN flood attack can block a single service on one host by sending only 10 to 15 packets every couple of minutes. This attack takes advantage of the three-step handshake of TCP/IP.
- The hacker sends the first step of the handshake.
- The victim stores information in that port's queue, sends the second step, and then waits for the third step, which never comes.
- The queue fills (6 to 10 packets in length) and the system will no longer accept any incoming connection requests until the entries in the queue time-out (75-100 seconds).
In this attack, there are no other negative effects on the system or the network.
|