SYN and ACK are two of the single-bit flags in the TCP (Not UDP) header.
These two are used to establish and maintain a connection. When a client
wants to connect to a service, the first packet has SYN=1, ACK = 0 (means I
want to synchronize a session, and the acknowledgement field is invalid).
The server responds with SYN=ACK=1 (means ok to syn and the acknowledgement
field has the starting value). Subsequent packets have syn=0, ack=1
(connection already established, ack field valid). On teardown, the last
packet should have syn=0, ack=1, rst=1 (means reset this connection).
Steve
PS SYN flood attacks are made by sending repeated Syn=1 Ack=0 requests (the
server responds by opening the connection, reserving some resources for it
and issuing the syn=1, ack=1 reply.) No further messages from the attacker
lead to allocation of resources to the point where the server is full. A
non-data comparison would be if someone kept dialing the phone number of a
small office, filling up all incoming lines and calling back as soon as the
PBX disconnected. Legititimate users couldn't get through.
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of imran.rahim
Sent: Thursday, June 08, 2000 11:39 PM
To: [EMAIL PROTECTED]
Subject: SYN and ACK
I'm wondering what does SYN and ACK means ?
Thanks.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
