During a penetration test you overwhelm a Linux web server's TCP port 80 with a flood of spoofed SYN packets using hping3. The attack exhausts the kernel's SYN backlog, preventing legitimate clients from completing the three-way handshake. Without deploying external filtering devices, which single kernel-level adjustment provides the most effective immediate defense against this classic SYN flood technique?
Enable TCP SYN cookies (sysctl net.ipv4.tcp_syncookies=1).
Shorten the TCP keep-alive interval to close idle sessions sooner.
Reduce the interface MTU to 576 bytes to force fragmentation.
Enabling TCP SYN cookies postpones allocation of per-connection state until the final ACK of the three-way handshake is received. Instead of recording each half-open connection in the SYN backlog, the kernel encodes the essential state in the initial SYN-ACK sequence number. Because no memory is consumed for bogus handshakes, the backlog cannot be saturated, and legitimate clients can still connect. Lowering the interface MTU, disabling TCP timestamps, or shortening keep-alive intervals do not address the half-open connection problem and therefore offer little or no protection.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are TCP SYN cookies and how do they work?
Open an interactive chat with Bash
What is a SYN flood attack and why does it exhaust the SYN backlog?
Open an interactive chat with Bash
What is hping3, and how is it used in a SYN flood attack?
Open an interactive chat with Bash
What are TCP SYN cookies and how do they work?
Open an interactive chat with Bash
How does a SYN flood attack exploit the TCP three-way handshake?
Open an interactive chat with Bash
Why are other options like lowering the MTU or disabling TCP timestamps ineffective against SYN floods?
Open an interactive chat with Bash
Certified Ethical Hacker (CEH)
Network and Perimeter Hacking
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .