SYN scanning

SYN scanning is a tactic that a malicious hacker (or cracker) can use to determine the state of a communications port without establishing a full connection.

SYN scanning is a tactic that a malicious hacker (or cracker) can use to determine the state of a communications port without establishing a full connection. This approach, one of the oldest in the repertoire of crackers, is sometimes used to perform denial-of-service (DoS) attacks. SYN scanning is also known as half-open scanning.

In SYN scanning, the hostile client attempts to set up a TCP/IP connection with a server at every possible port. This is done by sending a SYN (synchronization) packet, as if to initiate a three-way handshake, to every port on the server. If the server responds with a SYN/ACK (synchronization acknowledged) packet from a particular port, it means the port is open. Then the hostile client sends an RST (reset) packet. As a result, the server assumes that there has been a communications error, and that the client has decided not to establish a connection. The open port nevertheless remains open and vulnerable to exploitation. If the server responds with an RST (reset) packet from a particular port, it indicates that the port is closed and cannot be exploited.

By continuously sending large numbers of SYN packets to a server, a cracker can consume the resources of the server. Because the server is flooded with requests from the hostile client, few or no communications from legitimate clients can take place.

This was first published in April 2007

Continue Reading About SYN scanning

Glossary

'SYN scanning' is part of the:

View All Definitions

Dig deeper on Network Security Monitoring and Analysis

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchSDN

SearchEnterpriseWAN

SearchUnifiedCommunications

SearchMobileComputing

SearchDataCenter

SearchITChannel

Close