Flood Attacks
Countermeasures for SYN flood attacks

There is no single countermeasure that protects against SYN flood attacks. However, there are certain steps that can be followed to minimize the risk of damage caused by such attacks.

One countermeasure to SYN flood attacks is reducing the time required for a connection to be 'timed out'. If a large number of connection requests are sent to a target system, then the spoofed requests would be discarded sooner, thus minimizing the hogging of memory and hence minimizing the risk of such attacks. One weakness is that it might increase the probability that legitimate access is rejected. Although this will minimize the hogging of system resources, it is still not a very good countermeasure against SYN attacks.

Another countermeasure is increasing the queue of connection requests. This might allow room for non-attack requests to get through; however, the problem with this is that it will result in hogging more of the host's memory and resources.

A third countermeasure involves employing a firewall that will detect SYN flood attacks, respond with fake responses, and try to trace the spoofed source address back to the actual attacker.

Some routers also provide a countermeasure to SYN flood attacks. The router acts as a transparent TCP proxy between the real server and the client. When a connection request is made, the router completes the handshake for the server, and opens the real connection only after the handshake is completed. The router also places a threshold on the number of connection requests it handles. If the number of half-open connections exceeds the threshold, it lowers the timeout interval, thus dropping the half-open connections faster.
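The trade-offs described above can be seen in a small model of a half-open connection queue. This is an added example, not part of the original essay; the class and function names are hypothetical, and the tick counts, queue sizes and flood rate are constructed values chosen for illustration.

```python
from collections import OrderedDict

class HalfOpenTable:
    """Toy half-open (SYN-received) queue; ticks and sizes are illustrative assumptions."""
    def __init__(self, backlog, timeout, threshold=None, short_timeout=None):
        self.backlog, self.timeout = backlog, timeout
        self.threshold, self.short_timeout = threshold, short_timeout
        self.pending = OrderedDict()   # connection id -> arrival tick, oldest first
        self.peak = 0                  # most entries ever held (memory cost)

    def _expire(self, now):
        limit = self.timeout
        # Router-style adaptive mode: above the threshold, apply the shorter timeout.
        if self.threshold is not None and len(self.pending) > self.threshold:
            limit = self.short_timeout
        while self.pending and now - next(iter(self.pending.values())) >= limit:
            self.pending.popitem(last=False)

    def syn(self, cid, now):
        self._expire(now)
        if len(self.pending) >= self.backlog:
            return False               # queue full: this SYN is dropped
        self.pending[cid] = now
        self.peak = max(self.peak, len(self.pending))
        return True

    def ack(self, cid, now):
        self._expire(now)
        return self.pending.pop(cid, None) is not None

def simulate(table, rtt, ticks=300, flood_rate=10, legit_every=5):
    """Spoofed SYNs never ACK; a real client SYNs every legit_every ticks and ACKs
    rtt ticks later. Returns (established, attempted, peak queue length)."""
    due, established, attempted = {}, 0, 0
    for now in range(ticks):
        for cid in due.pop(now, []):
            established += table.ack(cid, now)
        for i in range(flood_rate):    # flood handled first: worst case for the client
            table.syn(("spoofed", now, i), now)
        if now % legit_every == 0:
            attempted += 1
            if table.syn(("legit", now), now):
                due.setdefault(now + rtt, []).append(("legit", now))
    return established, attempted, table.peak

if __name__ == "__main__":
    print("baseline     ", simulate(HalfOpenTable(100, 75), rtt=1))
    print("short timeout", simulate(HalfOpenTable(100, 5), rtt=1), simulate(HalfOpenTable(100, 5), rtt=6))
    print("bigger queue ", simulate(HalfOpenTable(1000, 75), rtt=1))
    print("adaptive     ", simulate(HalfOpenTable(100, 75, threshold=50, short_timeout=5), rtt=1))
```

In this model the short timeout keeps fast clients connected but rejects every client whose ACK takes longer than the timeout, and the larger queue serves all clients only by holding far more half-open entries in memory.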