Solved

syn dos vs. http dos

Posted on 2014-01-21
2
295 Views
Last Modified: 2014-02-08
Experts,

What's the difference between a syn dos and an http dos? Or is there not a difference and http dos is just a form of syn dos?
0
Comment
Question by:trojan81
2 Comments
 
LVL 33

Accepted Solution

by:
Dave Howe earned 400 total points
ID: 39799546
A SYN dos sends only SYN packets. To understand what that means, you need to understand how TCP works - essentially, for each TCP connection, there is an exchange like this:

C->S  <syn>
S->C <syn-ack>
C->S <ack>

a SYN dos attack sends only the syn, and ignores the reply. as the server creates a table entry in its TCP stack for each connection on receipt of the syn, this attack eats up all available table entries until no further clients can connect.

a http dos attack is different. each will perform a full handshake as above, request a page, and then on the same channel, request a page (again and again) - preferably a dynamic page so that the server has to work to calculate the page again and again, but a static will do.

as each http server can only handle a limited number of threads (either due to cpu/memory constraints or configuration) the repeated requests occupy all the server's capacity and it cannot accept or process any further client connections until the attacker's sessions complete - and as they are continually querying on the same connection, they *never* complete.

the downside (for an attacker) is that http attacks require a full tcp connection, hence cannot be sent from a faked address. SYN attacks, by contrast, can be sent from a faked address (or multiple faked addresses), and hence the responses go elsewhere (making it harder to trace the attacker, harder to block, and saving the attacker bandwidth issues from the responses to its queries)

the classic defense against SYN attacks is the SYNCOOKIE - many vendors (such as cisco) have their own reimplementations of this.
0
 

Author Closing Comment

by:trojan81
ID: 39844835
well said! thank you
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
As technology users and professionals, we’re always learning. Our universal interest in advancing our knowledge of the trade is unmatched by most industries. It’s a curiosity that makes sense, given the climate of change. Within that, there lies a…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question