Tuesday, November 26, 2019

Flood Attacks essays

Flood Attacks essays Countermeasures for SYN flood attacks There is no single countermeasure to protect against SYN flood attacks. However, there are certain steps that can be followed to minimize the risk of damage caused by such attacks. One countermeasure to SYN flood attacks is reducing the duration of time required for a timed out of a connection, to take place. If a large number of connection requests are sent to a target system, then the spoofed requests would be discarded sooner, thus minimizing the hogging of memory and hence minimizing the risk of such attacks. Although this will minimize the hogging up of system resources, it is still not a very good countermeasure against SYN Attacks. One weakness is that it might increase the probability that legitimate access is rejected. Another countermeasure is increasing the queue of connection requests. This might allow room for non attack requests to get through, however, the problem with this is that it will result in hogging up of more memory and resources of the host. A third countermeasure involves employing a firewall that will detect SYN flood attacks and respond with fake responses, and try and trace back the spoofed source address to the actual attacker. Some routers also provide a countermeasure to SYN flood attacks. The router acts as a transparent TCP proxy between the real server, and the client. When a connection request is made, the router completes the handshake for the server, and opens the real connection only after the handshake is completed. The router also places a threshold on the amount of connection requests it handles. If the amount of half-open connections exceeded the threshold it lowers the timeout period interval, thus dropping the half-open connections faster. ...

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.