Unwitting Collaborators, Part 7: Denial-of-Service Attacks
- Introduction: What is Denial-of-Service (DoS)?
- The DoS Scenario
- The Security Breach
- Corrective Actions
- Don't Be an Unwitting Collaborator
Introduction: What is Denial-of-Service (DoS)
A denial-of-service (DoS) attack (also referred to as a distributed denial-of-service or DDoS attack) is an attempt by a malicious person or organization to prevent legitimate users from using a network service. The DoS attack can take several forms:
"Flooding" a network with constant requests for service, preventing legitimate network traffic from reaching a service
Disrupting connections between two machines, resulting in the prevention of access to a service
Preventing a particular individual from accessing a service
Disrupting service to a specific system or person
These attacks are becoming more and more sophisticated, and in some cases the denial of service may be part of a larger attack, or used to conceal the real attack that may be in progressor soon to come. Some attacks even can be performed through the illegitimate use of resources such as an FTP site. A malicious intruder may use an anonymous FTP area to store popular information such as illegal copies of commercial software. When this information is announced, the traffic generated by the many users accessing the FTP site could generate an immense increase in network traffic.