← Back to Glossary

What is Connection Flooding?

by Bethany Hendricks on Glossary • September 4, 2020

Malicious client(s) are set up to incessantly request new TCP connections, with or without proceeding with further requests over established connections, until the server is saturated and unable to serve legitimate clients new TCP connections. This is a form of Distributed Denial of Service attack. Network traffic restrictions such as limiting connection rates and the number of open connections per client/IP can help to mitigate the effect of this type of DDoS attack. A load balancer or application delivery controller can be configured to track such metrics as connection rates and the number of open connections, among others, per client. This record can then be used to selectively and dynamically decide on actions to take upon further connection requests and data transmission from each client.