When a normal TCP connection starts, a destination host receives a SYN (synchronize/start) packet from a source host and sends back a SYN/ACK (synchronize acknowledge). The destination host must then hear an ACK (acknowledge) of the SYN/ACK before the connection is established. This is referred to as the "TCP three-way handshake." While waiting for the ACK to the SYN ACK, a connection queue of finite size on the destination host keeps track of connections waiting to be completed. This queue typically empties quickly since the ACK is expected to arrive a few milliseconds after the SYN ACK.
How would an attacker exploit this design by launching TCP SYN attack?
A . Attacker generates TCP SYN packets with random destination addresses towards a victim host
B . Attacker floods TCP SYN packets with random source addresses towards a victim host
C . Attacker generates TCP ACK packets with random source addresses towards a victim host
D . Attacker generates TCP RST packets with random source addresses towards a victim host
Answer: B
Leave a Reply