Network Security SYN Cookie

If my server implements SYN cookies in order to avoid DoS attacks, but the attacker knows that the server uses SYN cookies, is it possible that they can create a half / full open connection by simply sending an ACK?

I know that SYN Cookies use an algorithm to create a unique initial connection, and if the handshake of the attackers is incomplete, the SYN is discarded and can only be recreated when a valid SYN-ACK is received.

But can an attacker still cope?

+5
1 answer

No, the attacker does not need to know what the initial SYN value is to complete the TCP 3-way handshake. Also, for any port, TCP cannot be in the half-open state when they use SYN cookies. The answer lies in cryptography.

SYN Cookies Implementation May Use Symmetric Cipher . , , TCP. SYN , , IP- , IP- . SYN, , , "" tcp- (at- DoS). , SYN-ACK, SYN. SYN-ACK, , IP- , IP- .

+1
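
A simplified model of the check discussed above, added here as an example and not part of the original answer or of any kernel's code: the server derives its SYN-ACK sequence number from a keyed MAC and stores nothing, so an ACK that arrives without a preceding SYN is accepted only if its acknowledgment number carries a fresh, valid MAC. The 5/3/24-bit cookie layout, HMAC-SHA256 (used here in place of the symmetric cipher the answer mentions), the key, the slot length and the addresses are all assumptions.

```python
import hashlib
import hmac
import socket
import struct

SECRET = b"constructed-demo-key"  # constructed; a real stack uses a random secret
SLOT_SECONDS = 64                 # assumed length of one time slot
MAX_AGE_SLOTS = 2                 # assumed: accept the current and previous slot
MASK32 = 0xFFFFFFFF

def _mac24(flow, slot5, mss_idx):
    """24-bit keyed MAC over the 4-tuple, time slot and MSS index."""
    src, sport, dst, dport = flow
    msg = socket.inet_aton(src) + socket.inet_aton(dst)
    msg += struct.pack("!HHBB", sport, dport, slot5, mss_idx)
    return int.from_bytes(hmac.new(SECRET, msg, hashlib.sha256).digest()[:3], "big")

def make_cookie(flow, mss_idx, now):
    """Server ISN for the SYN-ACK: 5 bits slot | 3 bits MSS index | 24 bits MAC.
    No per-connection state is kept, so no half-open entry exists."""
    slot5 = (now // SLOT_SECONDS) & 0x1F
    mss_idx &= 0x7
    return (slot5 << 27) | (mss_idx << 24) | _mac24(flow, slot5, mss_idx)

def check_ack(flow, ack, now):
    """Validate the acknowledgment number of an incoming ACK. Returns the MSS
    index if the cookie is authentic and fresh, else None (segment dropped)."""
    cookie = (ack - 1) & MASK32
    slot5, mss_idx, mac = cookie >> 27, (cookie >> 24) & 0x7, cookie & 0xFFFFFF
    age = ((now // SLOT_SECONDS) - slot5) & 0x1F
    if age >= MAX_AGE_SLOTS:
        return None  # expired, or claims a slot that has not happened yet
    expected = _mac24(flow, slot5, mss_idx)
    if not hmac.compare_digest(mac.to_bytes(3, "big"), expected.to_bytes(3, "big")):
        return None  # MAC mismatch: not a cookie this server issued for this flow
    return mss_idx

FLOW = ("198.51.100.7", 40000, "203.0.113.10", 443)  # constructed 4-tuple

if __name__ == "__main__":
    isn = make_cookie(FLOW, mss_idx=3, now=1000)
    print("legitimate ACK:", check_ack(FLOW, (isn + 1) & MASK32, now=1010))
    print("altered cookie:", check_ack(FLOW, ((isn ^ 1) + 1) & MASK32, now=1010))
    print("stale ACK:     ", check_ack(FLOW, (isn + 1) & MASK32, now=1000 + 5 * SLOT_SECONDS))
```

With only 24 MAC bits in this layout, the check makes a blind ACK a guessing problem rather than an impossibility, which is why the secret and the short validity window both matter.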