Solved

HIGH TCP CONNECT ERROR SYSTEM PORT 25 MAY BE UNDER SYN FLOOD

Posted on 1997-12-16
1
294 Views
Last Modified: 2013-12-23
This is the second time this message has appeared on our corporate email server and each time, the server can not be contacted via the network. All mail connections as well as other connection types fail.

I wonder if this is a TCP bug or if somebody is trying to hack into the system.

Does anybody know what this message means?
0
Comment
Question by:gilly
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 5

Accepted Solution

by:
n0thing earned 100 total points
ID: 1583052
Hi,

   Your machine seems to be under Denial of Service attack from
hackers or your competitor.
When a system (called the client) attempts to establish a TCP connection to a system providing a service (the server), the client and server exchange a set sequence of messages. This connection technique applies to all TCP connections--telnet, Web, email, etc.

     The client system begins by sending a SYN message to the server. The server then acknowledges the SYN message by sending SYN-ACK message to the client. The client then finishes establishing the connection by responding with an ACK message. The connection between the client and the server is then open, and the service-specific data can be exchanged between the client and the server. Here is a view of this message flow:

                Client                  Server
                ------                  ------
                SYN-------------------->

                   <--------------------SYN-ACK

                ACK-------------------->

                     Client and server can now
                     send service-specific data

     The potential for abuse arises at the point where the server system has sent an acknowledgment (SYN-ACK) back to client but has not yet received the ACK message. This is what we mean by half-open connection. The server has built in its system memory a data structure describing all pending connections. This data structure is of finite size, and it can be made to overflow by intentionally creating too many partially-open connections.
   
     One way to stop it is to filter all inbound packets and reject all spoofed packets from your routers.

0

Featured Post

Easy, flexible multimedia distribution & control

Coming soon!  Ideal for large-scale A/V applications, ATEN's VM3200 Modular Matrix Switch is an all-in-one solution that simplifies video wall integration. Easily customize display layouts to see what you want, how you want it in 4k.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Changing Lease Duration for DHCP clients 34 73
IR 1023 Scanning 4 52
site - site VPN 3 46
VMware:  Virtual switches and multiple NICs 9 61
Short answer to this question: there is no effective WiFi manager in iOS devices as seen in Windows WiFi or Macbook OSx WiFi management, but this article will try and provide some amicable solutions to better suite your needs.
Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question