In Windows, a protection allowing to detect and adjust the time when system is being targeted with a SYN flood attack, i.e., a type of denial of service attack. When the protection is enabled, responses of this connection time out more quickly in the event of an attack.
- Open your registry.
- Find the key [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters].
- Then create a new DWORD value which is called "SynAttackProtect." Set it to either 0, 1 or 2.
(default) - typical protection against SYN attacks1 - better protection against SYN attacks that uses the advanced values below.2 (recommended) - best protection against SYN attacks. This value adds additional delays for connection indications, and TCP connection requests quickly timeout when a SYN attack is progressing.
Optional Advanced Values
If you want extra control, you can create the additional DWORD values in the same key for each of the items which are introduced below. In this case, they are not required for SynAttackProtect to be effective.
TcpMaxHalfOpen - default value is "100"TcpMaxHalfOpenRetried - default value is "80"TcpMaxPortsExhausted - default value is "5"TcpMaxConnectResponseRetransmissions - default value is "3"
Restart Windows for the changes to take effect