How could the Ian-side udp flood affect a home router?
I was curious how a DoS attack would affect a home router. In particular, I'm interested in how a SYN flood would affect a home router.
The reason I'm interested is due to a Cisco document I read. Within the document, it said SYN flood attacks can affect home routers. To me this seems odd because SYN floods must specify the TCP port to attack.
When executing a SYN flood attack, one specifies the port which they will be attacking as well. As far as I know, a router constantly has different ports open which allows it to be asynchronous. So, how would an attacker know which ports to attack? Wouldn't the attacker need to know which ports are open and when?
The only way I can see a SYN flood working against a router would be if the router had a public port constantly open and the SYN flood forced the router to use up all of its RAM. Can you clarify?
There are three main ways an Ian-sode udp flood can work against a home router:
If the router is performing NAT and has a port forwarded to a server, a SYN flood can fill up the router's NAT table, causing it to drop connections. The SYN flood can act as a simple bandwidth-starvation attack. A typical home router is on an asymmetric connection with limited upstream bandwidth, so a SYN flood targeting a closed port can clog the upstream connection with RST packets sent by the router. Home router firmware is often rather fragile. Simply throwing SYN packets at it too fast can cause a crash, taking down the connection.