In a SYN flood attack, the attacker sends repeated SYN packets to every port on the targeted server, often using a fake IP address. The server, unaware of the attack, receives multiple, apparently legitimate requests to establish communication. It responds to each attempt with a SYN-ACK packet from each open port.

The malicious client either does not send the expected ACK, or—if the IP address is spoofed—never receives the SYN-ACK in the first place. Either way, the server under attack will wait for acknowledgement of its SYN-ACK packet for some time.

https://www.secuneus.com​​​​​​​/

Facebook : https://www.facebook.com/SecuneusTech/
Instagram : https://www.instagram.com/secuneustech/
LinkedIn : https://www.linkedin.com/company/secuneus-technologies/

source