Main Page | See live article | Alphabetical index

Denial of service

A denial-of-service (DoS) attack is any of certain forms of malicious damage to computer systems. The aim of such an attack is to prevent legitimate users from accessing their services.

A DoS attack is generated in a number of ways. There are three basic areas of attack - the consumption of limited resources, such as bandwidth, disk space or CPU time; alterations to configuration information, such as routing information or registry entries; and the physical disruption of networking components.

The attack on resources has become increasingly popular, mainly through attempts to "flood" a network with excess or spurious packet data over the internet, thereby preventing legitimate traffic.

A distributed denial-of-service (DDoS) attack, which is a DoS attack where many computers work in unison to attack a target system, has also gained notoriety due to the efficient tools which are available to create and launch such an attack.

One particular variant of a DoS attack on the public Internet is a smurf attack. This attack relies on mis-configured network devices that respond to so-called broadcast addresses. Abusers will send large numbers of IP packets with a faked source address (the source address is set to the address of a victim, such as an IRC server). To combat Denial of Service problems on the Internet, services like the Smurf Amplifier Registry have given Network Service Providers the ability to identify mis-configured networks and take appropriate action such as filtering.

DDoS attacks are comparable to the "Slashdot effect" that occurs when a website gets a sudden spike in traffic which its server cannot handle due to a popular website linking to it.

External links