Sync Attacks – Info & Prevention

You can refer here for more information about the Sync Attacks.

For Prevention:

a) Firstly, change the SSH or RDC port to another port number.

b) Secondly, use proxy DDoS protection or any others DDoS mitigation provider.

However, if your website is facing frequent Sync Attacks, and we would strongly advise you to upgrade your hosting to our Dedicated Server with physical firewall protection.

What are some ways to protect against sync flood attacks?

A Sync flood attack, or we call it as a SYN attack. SYN has its origins as one of the original types of distributed denial-of-service (DDoS) attacks and have not been significant threats to enterprises today. Most CERT advice from 1996 still applies to modern systems. However, the systems have made many improvements in the last 15 years. A SYN attack is one where an attacker makes an initial connection to a victim computer and the victim computer waits for the completion of the connection. The attack is exploiting part of the three-way handshake in TCP for establishing reliable connections. When the initial connection is open, it consumes resources on the victim computer until it runs out of connections or has other issues.

To protect against sync flood attacks, you have several options. The attacks can be detected by standard intrusion detection systems (IDS). It could also be blocked or minimized by built-in features in firewalls and other devices. Besides that, further protections could include lowering timeouts for how long a system waits for another system. Thcomplete the three-way handshake or having your ISP block the attacks.