SYN flooding attack protection
The SYN flooding attack protection feature of TCP detects symptoms of SYN flooding and responds by reducing the time server spends on connection requests that it cannot acknowledge.
Specifically, TCP shortens the required interval between SYN-ACK (connection request acknowledgements) retransmissions. (TCP retransmits SYN-ACKS when they are not answered.) As a result, the allotted number of retransmissions is consumed quicker and the unacknowledgeable connection request is discarded faster.
When enabled, the system monitors the connections maintained by TCP and starts SYN attack flooding protection when the any of the following conditions symptomatic of SYN flooding obtain:
SYN flooding protection is enabled when the value of SynAttackProtect is 1 and the value of TcpMaxConnectResponseRetransmissions is at least 2.