Definition

SYN scanning

SYN scanning is a tactic that a malicious hacker (or cracker) can use to determine the state of a communications port without establishing a full connection. This approach, one of the oldest in the repertoire of crackers, is sometimes used to perform denial-of-service (DoS) attacks. SYN scanning is also known as half-open scanning.

In SYN scanning, the hostile client attempts to set up a TCP/IP connection with a server at every possible port. This is done by sending a SYN (synchronization) packet, as if to initiate a three-way handshake, to every port on the server. If the server responds with a SYN/ACK (synchronization acknowledged) packet from a particular port, it means the port is open. Then the hostile client sends an RST (reset) packet. As a result, the server assumes that there has been a communications error, and that the client has decided not to establish a connection. The open port nevertheless remains open and vulnerable to exploitation. If the server responds with an RST (reset) packet from a particular port, it indicates that the port is closed and cannot be exploited.

By continuously sending large numbers of SYN packets to a server, a cracker can consume the resources of the server. Because the server is flooded with requests from the hostile client, few or no communications from legitimate clients can take place.

This was last updated in April 2007

Continue Reading About SYN scanning

Network World Fusion discusses various methods of port scanning.

Dig Deeper on Network Security Monitoring and Analysis

What is a port scan attack? Cyberattacks often begin with a port scan attack, which attackers use to find exploitable vulnerabilities on targeted systems. Learn how they work and how to defend against them.

How hackers use idle scans in port scan attacks Hackers exploit port scan attacks to mask their identities before launching an attack. One of their favorites: the idle scan.

How to leverage UDP port scanning as a security scanning tool UDP port scanning isn't as robust as TCP port scanning, but there are steps you can take to include the technique as a security scanning tool.

Tips to understand different TCP port-scanning techniques TCP port scanning detects vulnerabilities within networks, and knowing the different scans available can help network professionals choose the option best suited for their needs.

Offensive countermeasures: How they can slow down adversaries Sometimes the best defense is a good offense. Expert Eric Cole explains the merits of offensive countermeasures in the enterprise.

SYN flood (half open attack) SYN flooding is a method that the user of a hostile client program can use to conduct a denial-of-service (DoS) attack on a computer server.

Start the conversation

Send me notifications when other members comment.

-ADS BY GOOGLE

File Extensions and File Formats

A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S

T
U
V
W
X
Y
Z
#

SearchUnifiedCommunications

Enhancing communications with a UC-contact center integration

The divide between contact centers and the rest of the business is shrinking. The demand for UC and contact center integrations ...
Cisco cries foul over security flaw in Zoom Connector

A flaw in Zoom's gateway for managing third-party video devices left customers vulnerable to snooping. Cisco criticized the ...
Is your organization prepared to deploy SIP trunking services?

Before deploying SIP trunking services, organizations need to make sure they are prepared. Read this FAQ to learn how to prepare ...

SearchMobileComputing

Compare Intune alternatives to Intune for mobility management

Intune stands out in the EMM market in part due to its incumbency as a PC management platform. IT must evaluate Intune compared ...
Deploy kiosk devices with the Managed Home Screen Android app

The Managed Home Screen app allows Microsoft Intune admins to deploy multi-app kiosk devices. IT should learn the two best ...
New Outlook features appeal to users on the go

At Ignite, Microsoft announced some improvements to its Office app and Outlook for iOS and Android. Learn about how it benefits ...

SearchDataCenter

Top 4 open source automation tools for admins

Open source offerings are an easy way to bring automation into your organization. When selecting software, evaluate the user ...
U.S. facility may have best data center PUE

The data center energy efficiency metric, power usage effectiveness, or PUE, is not improving. But one supercomputer data center ...
Increase efficiency with data center temperature monitoring

Data centers must track multiple temperature components. Organizations can use ASHRAE standards and on-premises hardware for ...

SearchITChannel

3 networking startups rearchitect routing

Networking startups Arrcus, DriveNets and Volta Networks help service providers redefine routing in the data center and at the ...
Logically acquires Carolinas IT in geographic expansion

The purchase of Carolinas IT is another transaction that demonstrates the active managed services merger and acquisition ...
HPE takes aim at hybrid IT management as a service

Starting with its GreenLake family, Hewlett Packard Enterprise is building out a hybrid platform from the edge to the cloud.

Close