
SYN Storm
The scanner achieves a temporary denial of service attack by establishing a
large number of TCP connections to the target firewall. When enough connections
are achieved through the sync storm, the firewall becomes temporarily unusable
by outside clients. The scanner floods a port with SYN packets. Since each SYN
forces the target to allocate a buffer for that session, with enough buffers,
depending on the vendor, the port can become busied-out and hence unavailable to
anyone else.
Risk: Low
Fix: Contact your vendor for a patch.