A client wants a system so that they can monitor connection queues on network equipment for too many half-open connections, as well as look for bandwidth consumption from the same types of connections. What kind of attacks will this type of system defend against?
A system that monitors connection queues for too many half-open connections and checks bandwidth consumption from the same types of connections is designed to defend against SYN flood attacks. SYN floods work by sending a large number of SYN requests to a target's server, causing it to hold multiple half-open connections and consume resources. This can overwhelm the server, making it unable to respond to legitimate traffic, thus constituting a type of Denial of Service (DoS) attack. Monitoring for these patterns helps in identifying and mitigating such attacks.
Should be SYN Flood for half open connection.