Attacks & Threats
SYN Flood
Definition
A TCP-based denial-of-service attack that sends many SYN packets without completing the three-way handshake, exhausting the target's connection-state resources.
Examples
- A botnet sends millions of spoofed SYN packets per second to a web server, filling its TCP backlog.
- A small attacker abuses the lack of SYN-cookies on an old appliance to crash its connection table.
Related terms
Denial-of-Service (DoS) Attack
An attack that exhausts a system's bandwidth, compute, memory, or application resources so that legitimate users can no longer access the service.
Distributed Denial-of-Service (DDoS) Attack
A denial-of-service attack carried out from many distributed sources simultaneously — typically a botnet — to overwhelm a target's bandwidth, infrastructure, or application.
DDoS Amplification
A DDoS technique that abuses UDP-based services to reflect responses many times larger than the spoofed request, allowing small attackers to generate massive flood volumes.
LAND Attack
A legacy DoS attack that sends a spoofed TCP SYN packet whose source IP and port equal the destination, causing vulnerable systems to loop or crash.
Ping of Death
A legacy denial-of-service attack that sends malformed or oversized ICMP echo packets, causing vulnerable TCP/IP stacks to crash, hang, or reboot when reassembling them.
IP Spoofing
Forging the source IP address of network packets to impersonate another host, bypass filters, or amplify denial-of-service attacks.