Practice free →
HomeB.Tech Cyber SecuritycybersecurityNetwork Security › A SYN FLOOD attack works by

A SYN FLOOD attack works by

Asending too many DNS queries
Bmany half-open SYNs exhaust server state
Cflooding ICMP echo requests
Dstealing user passwords
Answer & Solution
Correct answer: B. many half-open SYNs exhaust server state
1. SYN FLOOD: a DoS attack abusing the TCP 3-way handshake. 2. ATTACKER sends many TCP SYN packets (often with SPOOFED source IPs). 3. SERVER allocates state for each (the half-open connection), sends SYN+ACK to the spoofed IP, and waits. 4. Without the final ACK, half-open connections pile up — exhausting connection tables, making the server unresponsive to legitimate users. 5. MITIGATIONS: • SYN COOKIES: encode connection state in the SYN+ACK sequence number — no state on server until final ACK arrives. • Connection rate limiting. • Upstream DDoS scrubbing (Cloudflare, AWS Shield). _Source: RFC 4987 (TCP SYN Flooding Attacks and Countermeasures)._
Solve this in the app — B.Tech Cyber Security practice & 24k+ MCQs →
Related questions