English

TCP SYN Cookie Vulnerability

Networking and Internet Architecture 2018-07-24 v1 Cryptography and Security

Abstract

TCP SYN Cookies were implemented to mitigate against DoS attacks. It ensured that the server did not have to store any information for half-open connections. A SYN cookie contains all information required by the server to know the request is valid. However, the usage of these cookies introduces a vulnerability that allows an attacker to guess the initial sequence number and use that to spoof a connection or plant false logs.

Cite

@article{arxiv.1807.08026,
  title  = {TCP SYN Cookie Vulnerability},
  author = {Dakshil Shah and Varshali Kumar},
  journal= {arXiv preprint arXiv:1807.08026},
  year   = {2018}
}

Comments

3 pages, 5 figures

R2 v1 2026-06-23T03:09:05.936Z