A SYN flood is a type of Level 4 (Transport Layer) network attack (see Kali/Layer 4 Attacks for details). The basic idea is to keep a server busy with idle connections, resulting in a maxed-out number of connections and a resulting denial of service.
About Syn Flood Attack
Normally, when two computers are making a connection, they perform a three-way handshake: the client sends a SYN packet, the server responds with a SYN-ACK packet, and the client responds back with an ACK packet. The TCP connection between the two machines is then officially established. To abuse this handshake process, an attacker can send a SYN Flood, a flood of SYN packets, and do nothing when the server responds with a SYN-ACK packet. The server politely waits for the other end to respond with an ACK packet, and because bandwidth is fixed, the hardware only has a fixed number of connections it can make. Eventually, the SYN packets max out the available connections to a server with hanging connections. New visitors will experience a denial of service.
A SYN Flood can bring down your servicer if it isn't configured properly - each SYN packet will use up another spot in the queue, which will quickly eat up all available TCP connections, and lead to a denial of service. By using a reverse proxy, and putting different rules in place, these kinds of attacks can be thwarted.
This attack occurs on the transport layer - it jams up the normal workings of the transport layer and interferes with the normal delivery of packets.
code a syn flood in C: http://www.binarytides.com/syn-flood-dos-attack/
code a syn flood in Python: http://www.binarytides.com/python-syn-flood-program-raw-sockets-linux/
code a syn flood in Perl: http://www.binarytides.com/perl-syn-flood-program-raw-sockets-linux/
Attack Layerspages addressing attack vectors, tools, and methodologies for each layer of the network stack.
1 Physical Attacks: Kali/Layer 1 Attacks
2 Data/MAC Attacks: Kali/Layer 2 Attacks
3 Network Attacks: Kali/Layer 3 Attacks
4 Transport Attacks: Kali/Layer 4 Attacks
5 Session Attacks: Kali/Layer 5 Attacks
6 Presentation Attacks: Kali/Layer 6 Attacks
7 Application Attacks: Kali/Layer 7 Attacks
Flags · Template:KaliAttackLayersFlag · e
Denial of Servicedenial of service attacks for denying users access to resources that they are otherwise entitled to access.
DoS at Layers 1 and 2:
CAM Table Overflow/MAC Flood: DoS/Mac Flood
CAM Table Poisoning: DoS/Cam Poisoning
DoS at Layers 3 and 4:
Syn Flood: DoS/SYN Flood
Smurf Attack (Ping Flood): DoS/Smurf Attack
DNS Attacks: DoS/DNS
DNSSmurf Attack: DoS/DNSSmurf
Wormhole Attack: DoS/Wormhole Attack
Black Hole Attack: DoS/Black Hole Attack
Byzantine Attack: DoS/Byzantine Attack
Sleep Deprivation Attack: DoS/Sleep Deprivation Attack
Stale Packets: DoS/Stale Packets
Flags · Template:DoSFlag · e