SYN flood attack

gokibria  Diamond  (1)
7 years 10 months ago  View: 1387  Reply: 4
1F

Because of limited resources, TCP/IP stacks only permit a restricted number of TCP connections. Based on the above defect, the SYN Flood attack forges a SYN packet whose source address is a bogus or non-existent address and initiates a connection to the server. Accordingly, the server will not receive the ACK packet for its SYN-ACK packet, which forms a semi-connection. A large number of semi-connections will exhaust the network resources. As a result, valid users cannot access the network until the semi-connections time out. The SYN Flood attack also takes effect against applications whose number of connections is not limited, consuming system resources such as memory.


How to Protect

The firewall can defend against SYN flood attacks by restricting the rate of SYN packets. The rate of SYN packets can be restricted based on interface, IP address and security zone.

When the inbound path is consistent with the outbound path, the Firewall can defend against SYN-Flood attacks through the TCP proxy function.

When the inbound path is inconsistent with the outbound path, you can configure TCP source IP probing, which uses the reverse probing technology and defends against SYN-Flood attacks initiated by using virtual IP addresses.

Reverse TCP source IP probing is an effective measure against attacks launched by using spoofed IP addresses. When reverse TCP source IP probing is enabled, the firewall probes the source IP addresses of the TCP SYN packets that pass through it. If the source IP addresses are valid IP addresses, the firewall allows the packets to pass.
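
The following model is an added example, not part of the original post and not any vendor's firewall code. It simulates the bounded table of semi-connections described above and a per-key SYN rate limit of the kind the post mentions; the interface names `untrust` and `trust`, the rates, table size and timeout are all constructed values.

```python
from collections import deque

class HalfOpenTable:
    """Bounded queue of semi-connections (SYN received, final ACK never arrives)."""
    def __init__(self, capacity, timeout):
        self.capacity, self.timeout = capacity, timeout
        self.entries = deque()                      # expiry times, oldest first

    def on_syn(self, now):
        while self.entries and self.entries[0] <= now:
            self.entries.popleft()                  # semi-connection timed out
        if len(self.entries) >= self.capacity:
            return False                            # table full: SYN is dropped
        self.entries.append(now + self.timeout)
        return True

class SynRateLimiter:
    """Token bucket per key; the key can be an interface, an IP address or a zone."""
    def __init__(self, rate, burst):
        self.rate, self.burst = rate, burst
        self.state = {}                             # key -> (tokens, last_seen)

    def allow(self, key, now):
        tokens, last = self.state.get(key, (self.burst, now))
        tokens = min(self.burst, tokens + (now - last) * self.rate)
        ok = tokens >= 1
        self.state[key] = (tokens - 1 if ok else tokens, now)
        return ok

def simulate(limiter=None, flood_pps=1000, seconds=5, capacity=256, timeout=30):
    """Constructed traffic: SYNs that never complete arrive on 'untrust', then one
    legitimate SYN arrives on 'trust'. Returns (peak semi-connections, legit accepted)."""
    table, peak = HalfOpenTable(capacity, timeout), 0
    for i in range(flood_pps * seconds):
        now = i / flood_pps
        if limiter is None or limiter.allow("untrust", now):
            table.on_syn(now)
        peak = max(peak, len(table.entries))
    now = float(seconds)
    legit_ok = (limiter is None or limiter.allow("trust", now)) and table.on_syn(now)
    return peak, legit_ok

if __name__ == "__main__":
    print("no rate limit      :", simulate())
    print("5 SYN/s, burst 10  :", simulate(SynRateLimiter(rate=5, burst=10)))
```

Because the limiter is keyed per interface here, a legitimate SYN arriving on the flooded interface would be dropped along with the rest, which is the gap the TCP proxy and source IP probing functions address.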

mkmohiuddin  Senior 
7 years 10 months ago
2F
Very useful doc.
mershad  Gold 
7 years 10 months ago
3F
Share the configuration for protecting against this attack.
gokibria  Diamond 
7 years 10 months ago
4F

Reply 3 #

I have added the protection mechanism. Please take a look.
Armetta  Diamond 
7 years 10 months ago
5F
Useful Information