In this paper, we describe and analyze a network-based DoS attack for IP-based networks. It is known as SYN flooding. It works by an attacker sending many TCP connection re¬quests with spoofed source addresses to a victim's machine. Each request causes the targeted host to instantiate data structures out of a limited pool of resources to deny further legitimate access.

Part I
Part II
Part III
Part IV

Result Analysis

Most powerful and flexible L4-7 security and content networking test solution proven for:

  • Firewalls, edge routers, session controllers, proxies, IDS/IPS, and VPN concentrators.
  • Servers, content switches/caches, load balancers, SSL accelerators

Mix real VoIP calls (H.323 & SIP) over integrated DHCP, IPSec, PPPoE, and 802.1 xs

  • Realistic testing, faster set-up, no need for scripting

Integrated IPv6, IPsecv6, VLAN, and SNMP support -Rapidly test next-generation dual-stack devices and Stress the management plane at the same time.

Create a realistic mix of application traffic with H.323, SIP, RTSP, SNMP, messaging on each test interface, and DoS. /spam /virus attacks with over 150 measurements.

Final Thoughts on IPv6 approach for TCP SYN Flood attack over VoIP

This paper has described and analyzed a network-based denial of service attack called SYN flooding. It has contributed a detailed analysis of a practical approach to application Performance validation for VoIP applications with IPv6/IPv4 configurations and TCP SYN Flooding attacks over connection-oriented networks.

To protect from DoS attacks for secure, scalable, high-availability IPV6 services over VoIP performance, the above methods have proven to have better results. It has also proved to work for spam and virus attacks over TCP connections with network tester methods of MoonV6.


We would like to thank Zlata Trhulj for the design documentation of IPv6 services and network tester methods presented at the North American IPv6 Coalition Meeting, Reston, VA, 25 May 2005.

About the Author: Suhas A Desai

  • Undergraduate Computer Engineering Student, Walchand CE, Sangli, INDIA.
  • Previous Publications in the area of "Linux Based Biometrics Security with Smart Card" include ISA EXPO 2004, InTech Journal, TX, USA, IEEE Real-Time and Embedded System Symposium 2005, CA, USA.,e-Smart 2005, France.
  • Writes security newsletters and features for many security sites.