When a normal TCP connection starts, a destination host receives a SYN (synchronize/start)
packet from a source host and sends back a SYN/ACK (synchronize acknowledge). The
destination host must then hear an ACK (acknowledge) of the SYN/ACK before the connection is
established. This is referred to as the “TCP three-way handshake.” While waiting for the ACK to
the SYN ACK, a connection queue of finite size on the destination host keeps track of connections
waiting to be completed. This queue typically empties quickly since the ACK is expected to arrive
a few milliseconds after the SYN ACK. How would an attacker exploit this design by launching
TCP SYN attack?
A.
Attacker generates TCP SYN packets with random destination addresses towards a victim host
B.
Attacker floods TCP SYN packets with random source addresses towards a victim host
C.
Attacker generates TCP ACK packets with random source addresses towards a victim host
D.
Attacker generates TCP RST packets with random source addresses towards a victim host
C is the correct Ans.