Denial of service attack
What are denial-of-service attacks (DoS)?
These are attempts to overload a server with requests so that users can no longer access it. These attacks are not intended to steal or compromise data – they aim to shut down a service altogether by flooding it with useless traffic.
Here is a list of varying (colorful) types of DoS attacks:
- Buffer Overflow: transfers more data than a buffer can handle, causing an overflow. This overflow contains hidden instructions that corrupt the system.
- Ping of Death: sends ping requests, which are larger than the size IP allows
- Smurf Attack: pings are sent to an IP broadcast address as if they originated from a targeted victim. These pings are magnified and echoed back to the victim. In sufficient volume, they can bring down a server.
- TCP SYN attack: these are requests that cannot be completed, and therefore pile up in a queue. In sufficient quantity, they too can bring down a server.
In order to leverage the required volume of traffic to overload a server, botnets are frequently used. In this case, the attack is referred to a distributed denial-of-service attacks (DDoS).
High-profile cases of denial-of-service attacks include HSBC, BBC, and the Estonian governmental/financial institutions back in 2007.