(As we all know, DoS (DenialofService, denial of service attack) is the basis of ddos, which takes advantage of the loopholes in the TCP three-way handshake process. The attacker first sends a Syn connection request with a fake address to the server. After the server receives the ~lJSyn request message, it sends a Syn ACK or RST reply message, and then waits for the return message. Because the address is fake, the server has never been able to wait for the returned message, and the server resources allocated to this request can never be released. When the server waits for a certain amount of time, the connection is terminated due to a timeout. The attacker will send a new batch of requests again, and in this situation of repeatedly and endlessly sending fake address requests, the server resources will eventually be exhausted in the long wait for answers.)