Denial of service attack

May 2015

Introduction to denial-of-service attacks

A "denial-of-service attack" (abbreviated DoS) is a type of attack that aims to make an organization's services or resources unavailable for an indefinite amount of time. Most of the time, these attacks are aimed at a company's servers, so they may not be used or consulted.

Denial-of-service attacks are a hassle that can affect any company server or any individual connected to the internet. The goal of such an attack is not to retrieve or alter data, but to damage the reputation of companies that are present on the internet and to potentially keep them from operating properly if their activity is based on an information system.

Technically speaking, these attacks are not very complicated, but are not any less effective against any type of machine with a Windows (95, 98, NT, 2000, XP, etc.), Linux (Debian, Mandrake, RedHat, Suse, etc.), Commercial Unix (HP-UX, AIX, IRIX, Solaris, etc.) or any other type of operating system. Most denial-of-service attacks exploit flaws related to the implementation of a TCP/IP model protocol.

Denials of service are usually broken down into two types:

  • Denials of service by saturation, which involve flooding a machine with requests so it can no longer respond to actual requests;
  • Denials of service by vulnerability exploitation, which involve exploiting a flaw in the remote system so as to make it unusable.

The principle of denial-of-service attacks involves sending IP packets or data of unusual sizes or forms, so as to saturate the target machines or make them unstable and therefore keep them from providing the network services they offer.

When a denial of service is triggered by several machines, this is referred to as "distributed denial of service" (abbreviated DDOS). The most well-known distributed denial-of-service attacks are Tribal Flood Network (abbreviated TFN) and Trinoo.

Protecting yourself from a denial of service

To protect yourself against this type of attack, it is important to keep an active watch over new attacks and vulnerabilities and to retrieve patches from the internet that are designed by software publishers and some specialized groups:

For unlimited offline reading, you can download this article for free in PDF format:
Denial-of-service-attack.pdf

See also


Ataque por denegación de servicio
Ataque por denegación de servicio
Denial of Service Angriff
Denial of Service Angriff
Attaque par déni de service
Attaque par déni de service
Attacco Denial of Service (DoS)
Attacco Denial of Service (DoS)
Ataque por recusa de serviço
Ataque por recusa de serviço
This document entitled « Denial of service attack » from Kioskea (en.kioskea.net) is made available under the Creative Commons license. You can copy, modify copies of this page, under the conditions stipulated by the license, as this note appears clearly.