Mitigating SYN Flood Attack with Cisco ASA/Checkpoint/PaloAlto Firewalls:-
SYN Flood Attack :-
• An arriving SYN sends the “connection” into SYN-RCVD state
• It can stay in this state for quite a while, awaiting the acknowledgment of the SYN+ACK packet, and tying up memory
• For this reason, the number of connections for a given port in SYN-RCVD state is limited
• Further SYN packets for that port are dropped
• The trick is the address forgery — if the attacker impersonates a non-existent host, neither the SYN+ACK nor a RST will ever arrive
• The port is thus blocked
Watch Now :-
https://youtu.be/GDBQQ5X2dWE
Also Check :- Perform DDOS Attack with Hping Command