The setup of a TCP connection requires a three-way handshake, consisting of the following three steps: (1) the partner requesting a connection sends a SYN packet; (2) this packet is answered by a SYN-ACK packet by the receiver; (3) on reception of the SYN-ACK the initiating partner sends an ACK packet, thus completing the setup.
In a SYN-flood attack, a high number of connections are initiated, but the last step is never completed by the system attacker. This incomplete setup results in a high number of half-open connections on the exploited system that eventually consume all the systemÂ’s resources, thus preventing further legitimate connections from completing their course.
See Also: Electronic Mail or Email; Exploit; Packet; Synchronize Packet Flood (SYN); TCP/IP or Transmission Control Protocol/Internet Protocol.
See Flooding in Computer
Learn more about Flooding