Denial-of-Service attack (DoS) and Distributed-Denial-of-Service (DDoS)

A denial of service attack is a special kind of Internet attack on a network that is carried out at large websites. This attack is designed to perform on the network in order to bring it down to its knees by flooding it with useless traffic. Denial of Service can result if a system (like web server) if flooded with a huge number of illegitimate requests. This act makes the web server unable to respond on legitimate and real requests or tasks.

A Dos attack can be executed in a number of ways, but its three basic types of attacks are:

  • Consumption of computational resources, such as disk space, CPU time, and band width.
  • Disruption of configuration details, such as routing information.
  • Disruption of physical network components.

DoS attack may bring the following consequences:

  • Slow network performance.
  • Unavailability of a particular web site.
  • Inability to access a particular web site.
  • Dramatic increase of spam in your account.

Common forms of denial of service attacks are,

  1. a) Buffer Overflow Attacks simply send more traffic to a network address than the programmer’s expectation on size of buffers.
  2. b) In Smurf Attack, the perpetrator sends an IP ping request to a receiving site.
  3. c) SYN floods are a type of attack when a computer tries to make a TCP/IP connection to another computer.

To control DoS attack, only ingress filtering is the only counter measure and that too to a small extent.