
Very prolific on cable networks and amongst IRC lamers, denial of service attacks against the Windows TCP/IP stack have become increasingly common in the past few years, starting with the now famous WinNuke attack, which just happened to appear at the same time as the internet became popular amongst the masses, and accordingly the 15 year old script kiddiez.

That's not to say that it's a Windows-only problem: for example, Teardrop affected Linux as well, there was a BSD attack in late 1998, and Sun attacks have existed for years. It's just that Windows has a lot more of them of late, partially due to a poorly designed TCP/IP stack, partially due to it being the most popular target.

An information systems attack in which no access to the system(s) is gained, but rather a loss of service is incurred, typically the loss of all network connectivity and services.

See: buffer overflow attack, SYN attack, teardrop attack, smurf attack

A method of censorship currently practiced by those who are not authorities. A DOS attack works by sending a large number of phony pings or page view requests to a specific server, overwhelming it. Those servers that are not shut down by the attack are slowed to a crawl as they try to filter out the few real requests from the fake ones.

DOS attacks are difficult to track, because the packets received by the server have forged their return address to be a bogus IP.

The improvement of server technology has made a DOS attack from a single computer difficult, when not impossible. Thus, the Distributed Denial of Service attack, or DDOS, has come about. A DDOS attack works like this:

  1. The hacker/cracker/script kiddie breaks into a bunch of computers and installs a slave program on them.
  2. Our Bad Guy picks out his target.
  3. The Bad Guy uses his own computer to tell his slave computers to start sending phony page view requests to the target.
  4. The target gets overwhelmed with page view requests from dozens, if not hundreds of slave computers.

In February of 2000, several large sites, including Yahoo, Amazon.com, Buy.com and E*Trade were hit in rapid succession by parties as yet unknown in a massive DDOS attack.

A DOS attack itself should not be confused with hacking or cracking, as the attacker never gains any access to the target machine.

Actually, a DoS attack is not necessarily random (or even targeted) vandalism. Such an attack can be a crucial part of a well-planned break-in: for example, if the target network is guarded by an Intrusion Detection System, the cracker would do well to first take down that system so that it doesn't interfere with (or record) what happens next. Furthermore, after a successful DoS on a key server (DNS, for example), the cracker might be able to pose as that server and give responses that help them to break into other systems.
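An added example, not part of the original writeups: a defender-side check that separates the single-machine flood from the distributed one described in the numbered DDOS steps above, using a sliding window over request logs. The log line format, the thresholds and the sample traffic are all assumptions constructed for illustration.

```python
from collections import Counter, deque

WINDOW = 10            # sliding window in seconds (assumed value)
TOTAL_LIMIT = 50       # requests per window the server is assumed to absorb
PER_SOURCE_LIMIT = 20  # requests per window tolerated from one address

def parse(line):
    """Parse a constructed log line: '<unix_time> <source_ip> <method> <path>'."""
    ts, src, _method, _path = line.split()
    return float(ts), src

def classify(lines):
    """Return the alert kinds seen in time-ordered log lines."""
    window, per_source, alerts = deque(), Counter(), set()
    for ts, src in map(parse, lines):
        window.append((ts, src))
        per_source[src] += 1
        # Drop requests that fell out of the window.
        while window[0][0] <= ts - WINDOW:
            _, old = window.popleft()
            per_source[old] -= 1
            if per_source[old] == 0:
                del per_source[old]
        busiest = per_source.most_common(1)[0][1]
        if busiest > PER_SOURCE_LIMIT:
            alerts.add("single-source")   # one address is over its own limit
        elif len(window) > TOTAL_LIMIT:
            alerts.add("distributed")     # overload, yet every sender looks quiet
    return alerts

# Constructed sample traffic (documentation address ranges, not real hosts).
NORMAL = [f"{t} 192.0.2.{c} GET /" for t in range(0, 60, 2) for c in range(1, 6)]
SINGLE = [f"{i / 30} 198.51.100.7 GET /" for i in range(900)]
DISTRIBUTED = [f"{t} 203.0.113.{b} GET /" for t in range(0, 30, 5) for b in range(1, 201)]

if __name__ == "__main__":
    for name, log in (("normal", NORMAL), ("single", SINGLE), ("distributed", DISTRIBUTED)):
        print(name, sorted(classify(log)))
```

Where source addresses are forged, as one writeup above describes, a single machine's flood shows up under the aggregate rule rather than the per-address one, so the "distributed" alert says the load is spread across addresses, not how many machines are behind it.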
