Denial of Service
A Denial of Service (DoS)attack, is an Internet attack against a Web site whereby a client is denied the level of service expected. In a mild case, the impact can be unexpectedly poor performance. In the worst case, the server can become so overloaded as to cause a crash of the system.
DoS attacks do not usually have theft or corruption of data as their primary motive and will often be executed by persons who have a grudge against the organisation concerned. The following are the main types of DoS attack :-
- Buffer Overflow Attacks; whereby data is sent to the server at a rate and volume that exceeds the capacity of the system; causing errors.
- SYN Attack. This takes places when connection requests to the server are not properly responded to, causing a delay in connection. Although these failed connection will eventually time out, should they occur in volume, they can deny access to other legitimate requests for access.
- Teardrop Attack. The exploitation of a features of the TCP/IP protocol whereby large packets of data are split into 'bite sized chunks' with each fragment being identified to the next by an 'offset' marker. Later the fragments are supposed to be re-assembled by the receiving system. In the teardrop attack, the attacker enters a confusing offset value in the second (or later) fragment which can crash the recipient's system.
- Smurf Attack or Ping Attack. This is where an illegitimate 'attention request' or Ping is sent to a system, with the return address being that of the target host (to be attacked). The intermediate system responds to the Ping request but responds to the unsuspecting victim system. If the receipt of such responses becomes excessive, the target system will be unable to distinguish between legitimate and illegitimate traffic.
- Viruses. Viruses are not usually targeted but where the host server becomes infected, it can cause a Denial of Service; or worse.
- Physical Attacks. A physical attack may be little more that cutting the power supply, or perhaps the removal of a network cable.
*** The Information Security Glossary ***