Combining a SYN attack with IP spoofing, a land attack occurs when an attacker sends spoofed SYN packets containing the IP address of the victim as both the destination and source IP address.
Before You Begin |
|---|
For background information, read: |
The receiving system responds by sending the SYN-ACK packet to itself, creating an empty connection that lasts until the idle timeout value is reached. Flooding a system with such empty connections can overwhelm the system, causing a denial of service. See Figure 150.
Figure 150: Land Attack
When you enable the screen option to block land attacks, JUNOS Software combines elements of the SYN flood defense and IP spoofing protection to detect and block any attempts of this nature.