sync flood attack identification
How to identify sync flood attack or DDoS attack using wire shark
How to identify sync flood attack or DDoS attack using wire shark
Please start posting anonymously - your entry will be published after you log in or create a new account.
Asked: 2023-12-23 16:53:49 +0000
Seen: 200 times
Last updated: Dec 24 '23
What are the characteristics of a sync flood or DDoS attack according to you?
alert appeared for DDoS attack then I used wire shark it shows multiple sync packets from the trusted IP/ physical address. I want to confirm that how I consider that it is a sync flood attack?
Alert from what?
I would start with what is on DDOS. https://www.cloudflare.com/learning/d.... Afterwards, think about how to look for the behavior using Wireshark.
CISA: DDoS QUICK GUIDE
Do you mean "SYN Flood (TCP/SYN)"?