SYN Flood

A SYN flood is a type of denial of service (DoS) attack that sends a series of "SYN" messages to a computer, such as a web server. SYN is short for "synchronize" and is the first step in establishing communication between two systems over the TCP/IP protocol.

When a server receives a SYN request, it responds with a SYN-ACK (synchronize acknowledge) message. The computer then responds with an ACK (acknowledge) message that establishes a connection between the two systems. In a SYN flood attack, a computer sends a large number of SYN requests, but does not send back any ACK messages. Therefore, the server ends up waiting for multiple responses, tying up system resources. If the queue of response requests grows large enough, the server may not be able respond to legitimate requests. This results in a slow or unresponsive server.

Since SYN flooding is a common type of DoS attack, most server software has the capability to detect and stop SYN floods before they have a noticeable effect on the server. For example, if a server receives a large number of SYN requests from the same IP address in a short period of time, it may temporarily block all requests from that location.

Distributed denial of service (DDoS) attacks are more difficult to handle since they flood the server from multiple IP addresses. However, these attacks can be limited by using SYN caching or implementing SYN cookies. Both of these methods record IP addresses used for flood attacks. The system then limits the resources the computer will use to respond to requests from these locations. This type of SYN flood protection can be configured directly on server or on a network firewall.

Updated February 12, 2013 by Per C.

quizTest Your Knowledge

1,000 terabytes equals one what?

A
Gigabyte
0%
B
Exabyte
0%
C
Petabyte
0%
D
Zettabyte
0%
Correct! Incorrect!     View the Petabyte definition.
More Quizzes →

The Tech Terms Computer Dictionary

The definition of SYN Flood on this page is an original definition written by the TechTerms.com team. If you would like to reference this page or cite this definition, please use the green citation links above.

The goal of TechTerms.com is to explain computer terminology in a way that is easy to understand. We strive for simplicity and accuracy with every definition we publish. If you have feedback about this definition or would like to suggest a new technical term, please contact us.

Sign up for the free TechTerms Newsletter

How often would you like to receive an email?

You can unsubscribe or change your frequency setting at any time using the links available in each email.

Questions? Please contact us.