

Once the TCP three-way handshake has established a connection between a host and a client, ACK or PUSH ACK packets are sent back and forth until the session is terminated.


The logic of this attack vector is to abuse the TCP communication stage where the server generates a SYN-ACK packet to acknowledge the client’s request. To execute this onslaught, crooks inundate the CPU and RAM resources of the server with a bevy of rogue SYN-ACK packets.

To perform a Local Area Network Denial (LAND) attack, a threat actor sends a fabricated SYN message in which the source and destination IP addresses are the same. When the server tries to respond to this message, it gets into a loop by recurrently generating replies to itself. This leads to an error scenario, and the target host may eventually crash.

When a SYN Flood attack is underway, criminals send a plethora of SYN messages from a spoofed IP address. As a result, the receiving server becomes incapable of processing and storing so many SYN packets and denies service to real clients.
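The three patterns described above can be told apart on the defender's side from the IP addresses and TCP flags alone. The following is an added example, not code from the original page: it parses raw IPv4/TCP headers and reports LAND packets (source equals destination), SYN-ACKs that answer no observed SYN, and servers with too many half-open handshakes. The function names, the `half_open_limit` threshold and the sample capture are assumptions constructed for illustration.

```python
import struct
from collections import Counter
from ipaddress import IPv4Address

SYN, ACK = 0x02, 0x10

def parse(pkt: bytes):
    """Return (src, dst, sport, dport, flags) from raw IPv4+TCP bytes."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4 or pkt[9] != 6:
        raise ValueError("not an IPv4/TCP packet")
    ihl = (pkt[0] & 0x0F) * 4                  # IPv4 header length in bytes
    if len(pkt) < ihl + 14:
        raise ValueError("truncated TCP header")
    src, dst = (str(IPv4Address(pkt[i:i + 4])) for i in (12, 16))
    sport, dport = struct.unpack_from("!HH", pkt, ihl)
    return src, dst, sport, dport, pkt[ihl + 13] & (SYN | ACK)

def analyse(packets, half_open_limit=3):
    """Count LAND and unsolicited SYN-ACK packets; list SYN flood targets."""
    half_open = set()          # (client, cport, server, sport) awaiting final ACK
    land = unsolicited = 0
    for pkt in packets:
        src, dst, sport, dport, flags = parse(pkt)
        if flags == SYN and src == dst:
            land += 1                          # LAND: source IP equals destination IP
        elif flags == SYN:
            half_open.add((src, sport, dst, dport))
        elif flags == SYN | ACK and (dst, dport, src, sport) not in half_open:
            unsolicited += 1                   # SYN-ACK answering no SYN we saw
        elif flags == ACK:                     # PUSH ACK is masked down to ACK by parse()
            half_open.discard((src, sport, dst, dport))   # handshake completed
    pending = Counter(server for _, _, server, _ in half_open)
    flooded = sorted(s for s, n in pending.items() if n > half_open_limit)
    return {"land": land, "unsolicited_syn_ack": unsolicited, "syn_flood_targets": flooded}

def constructed_packet(src, dst, sport, dport, flags):
    """Constructed sample input: bare 20-byte IPv4 and TCP headers, zero checksums."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     IPv4Address(src).packed, IPv4Address(dst).packed)
    return ip + struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, flags, 8192, 0, 0)

SERVER = "192.0.2.10"                          # documentation-range addresses throughout
CAPTURE = [constructed_packet(*p) for p in [
    ("198.51.100.7", SERVER, 40000, 80, SYN),  # normal handshake, three packets
    (SERVER, "198.51.100.7", 80, 40000, SYN | ACK),
    ("198.51.100.7", SERVER, 40000, 80, ACK | 0x08),
    (SERVER, SERVER, 1234, 80, SYN),           # LAND pattern
    ("203.0.113.99", SERVER, 80, 5555, SYN | ACK),   # SYN-ACK with no prior SYN
] + [(f"203.0.113.{i}", SERVER, 1024 + i, 80, SYN) for i in range(1, 6)]]  # 5 half-open
```

Calling `analyse(CAPTURE)` leaves the completed handshake out of every count, because the client's final ACK removes it from the half-open set.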
