Abstract
This paper analyzes a (DoS) denial of service attack on TCP (transmission control protocol). It is popularly called SYN flooding. It works by an attacker sending many connection requests with spoofed source addresses to a victim's machine. These requests exhausting the victim's resources so it's no longer able to serve any legitimate requests. This paper contributes a detailed analysis of the SYN flooding attack and a discussion of existing and proposed countermeasures. In almost every case proper filtering of packets is a viable solution. In addition to creating packet filters, the modification of the TCP/IP stack of a given operating system can be performed by an administrator. This method, the tuning of the TCP/IP stack in various operating systems, will be described in depth in our paper.