Thursday, April 21, 2005

What is a Denial of Service attack?

A Denial of Service (DoS) attack happens when the users of a particular service (or a website) are unable to access or use that service because of an attack on that service. Lets say an attacker floods a particular website with so many requests at once, that the site is unable to serve its regular users. The server is so busy trying to keep up with the numerous requests (lets say about 5000 concurrent requests each second) that it seems to be non responsive to any other users request.

In a DoS attack, the goal of the attacker possibly cannot be to steal data or user information. The attacker just wants to disrupt the service.

Computers and networks need network bandwidth, CPU power, hard disk space etc to operate. Even if one of the resource is consumed in excess, then it can lead to a DoS attack. On example of consuming scare resources to cause a DoS attack is a SYN flood attack.

A Distributed Denial of Service (DDoS) attack occours, when a bunch of machines direct their attack towards a single target. Sometimes crackers infect vulnerable machines (like unpatched machines) with malicious code to orchestrate a DDoS attack on a particular target. This gives you one more reason to patch-up your computers with the latest security updates.

Good job! Adding a paragraph on how this is averted would complete the picture.
I've posted an entry on how to mitigate a DOS attack. Realistically a DOS attack, or more specifically a DDOS attack, is very difficult to mitigate. It is tricky to stop a DOS/DDOS attack, because the sys-admin might not be able to differentiate between the legitimate traffic and the DDOS traffic.
Post a Comment

<< Home

This page is powered by Blogger. Isn't yours?

Copyright Anand Jain 2004, 2005. All rights reserved.