In a RST/FIN Flood, attackers send highly-spoofed RST or FIN packets at an extremely high rate that do not belong to any session within the firewall’s state-table and/or server’s session tables. The RST or FIN flood DDoS attack exhausts a victim’s firewalls and/or servers by depleting its system resources used to look up and match these incoming packets to an existing session.
