Question

Explain the following threats: SYN flood, Smurf and Port Scanning

Answer 1

`Hey,

Note: Brother in case of any queries, just comment in box I would be very happy to assist all your queries

SYN-FLOOD

In a SYN Flood, a victim server, firewall or other perimeter defense receives (often spoofed and most often from a botnet) SYN packets at very high packet rates that can overwhelm the victim by consuming its resources to process these incoming packets. In most cases if a server is protected by a firewall, the firewall will become a victim of the SYN flood itself and begin to flush its state-table, knocking all good connections offline or even worse - reboot. Some firewalls in order to remain up and running, will begin to indiscriminately drop all good and bad traffic to the destination server being flooded. Some firewalls perform an Early Random Drop process blocking both good and bad traffic. SYN floods are often used to potentially consume all network bandwidth and negatively impact routers, firewalls, IPS/IDS, SLB, WAF as well as the victim servers.

SMURF ATTACK

A smurf attack is a type of denial of service attack in which a system is flooded with spoofed ping messages. This creates high computer network traffic on the victim’s network, which often renders it unresponsive.

Smurfing takes certain well-known facts about Internet Protocol and Internet Control Message Protocol (ICMP) into account. ICMP is used by network administrators to exchange information about network state, and can also be used to ping other nodes to determine their operational status. The smurf program sends a spoofed network packet that contains an ICMP ping. The resulting echo responses to the ping message are directed toward the victim’s IP address. Large number of pings and the resulting echoes can make the network unusable for real traffic.

Port Scanning

A port scan is an attack that sends client requests to a range of server port addresses on a host, with the goal of finding an active port and exploiting a known vulnerability of that service. Scanning, as a method for discovering exploitable communication channels, has been around for ages. The idea is to probe as many listeners as possible, and keep track of the ones that are receptive or useful to your particular need.

Kindly revert for any queries

Thanks.