Methods / L4 / SYN-OPT
L4 · NetworkTCPEvasiveState ExhaustionStealth
SYN-OPT stress test
Drives a SYN flood whose packets carry realistic TCP options so they mimic genuine clients, validating mitigation that inspects more than packet shape.
How it works
Unlike a bare SYN flood, this method attaches the TCP options a real client negotiates, such as Maximum Segment Size, Window Size, and SACK, so each packet looks like a legitimate connection attempt. That realism slips past naive heuristics that flag SYNs on missing or default options, while still loading the connection state table. It validates whether your defenses do option-aware analysis or full-handshake validation rather than trusting surface-level fingerprints.
Parameters
pps600k ppsSYN packet rate driven at the target port
tcp optionsMSS/SACK/WindowRealistic option set attached to each SYN
sourceswide source spreadDistributes traffic across many source addresses
duration10-600 sLength of the test window
Run it from the CLI
retro-cli
$ retro run syn-opt --target 203.0.113.45 --port 443 --duration 120
SYN-OPT FAQ
Is SYN-OPT testing legal?+
Only against infrastructure you own or are authorized to test. RETRO//STRESS requires authorized targets.
What does SYN-OPT stress?+
Drives a SYN flood whose packets carry realistic TCP options so they mimic genuine clients, validating mitigation that inspects more than packet shape.
Can I combine it with other methods?+
Yes, add it as a step in a packet chain to sequence it with other protocols.