Direct Server Return and SYN Floods
________________________________________________________________ This is part of a series on Direct Server Return 1. A Quick Primer 2. SYN Floods 3. The Real World ________________________________________________________________ SYN Flood Before we get into it, let’s take a quick look at the way TCP connections get setup using a three-way handshake . 1. The Client initiates the request by sending a SYN ( synchronize ) message to the Server. 2. The server responds by sending SYN-ACK ( acknowledge ) back to the client. 3. The client, in turn, sends an ACK , and we’re all setup. What an UnGood Client can do, however is the following 1. The UnGood person sends a bunch of SYN messages to the server, each of which has a fake source address . 2. The server responds by sending SYN-ACK for each of these to the fake address. 3. Importantly, the server keeps waiting for the ACK ...