What are Denial of Service Attacks?
In my most recent computer networking course, I reviewed many of the networking fundamentals and explored different attacks. DoS is one that I had heard of many times before, but I never really understood what it meant or how it worked, so here’s a quick overview:
Denial of Service, or DoS, is a type of malicious attack in which a network is flooded with fake requests in order to slow it down and keep it from working properly.
How would this affect you? In a DoS attack, users have difficulty performing routine tasks, such as accessing emails, websites, online accounts, or really anything that’s operated on the compromised computer or network.
Types of DoS Attacks
There are two main types of DoS attacks:
Buffer overflow attacks: The attacker drives more traffic to the network than it can handle, which causes the network and system to use up all of their “buffer” or memory storage. The buffer overflow happens when the volume of data is greater than the available bandwidth (disk space, memory or CPU), and it results in slow performance or a system crash. (This is the most common DoS attack.)
Flood attacks: These occur when a system receives too much traffic for the server to manage. This causes the server to slow down and sometimes fully stop.
Common flood attacks are ICMP floods (aka ping attacks), which exploit misconfigured network devices. SYN floods, also common, send connection requests to servers but never “complete” the handshake with the host, so the SYN requests flood the system until all ports are used up.
Signs of a DoS Attack
- Slow network performance for common tasks
- Inability to access online resources
- An interruption or loss of connectivity for many devices on the same network
The trouble is that these signs are similar to basic network connectivity issues, or to routine maintenance on the computer or network, which makes an attack more difficult to identify.
DDoS (Distributed Denial of Service)
If you’ve heard of DoS, you might have also come across DDoS. DDoS is a Distributed Denial of Service attack. The main difference between the two is that a DDoS attack is launched from multiple locations by multiple systems at the same time, whereas a DoS attack comes from a single source or system.
DDoS attacks are more difficult to identify, track, and neutralize because they come from various locations and devices. Attackers typically leverage botnets to carry out these synchronized attacks.
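As an added example (not part of the original post), here is one way to spot the unfinished handshakes of the SYN flood described above in a server's connection table, and to tell a single-source DoS from a distributed one. The thresholds, function names and sample rows are assumptions constructed for illustration; the rows follow the column layout of `ss -tan` on Linux.

```python
from collections import Counter

# Both thresholds are assumptions for illustration; tune them to normal load.
HALF_OPEN_LIMIT = 5    # half-open connections on one port before it is flagged
DOMINANT_SHARE = 0.8   # one peer holding this share of them => single source

def parse_half_open(lines):
    """Yield (local_port, peer_ip) for each SYN-RECV row of `ss -tan`-style text."""
    for line in lines:
        fields = line.split()
        if len(fields) < 5 or fields[0] != "SYN-RECV":
            continue  # header row and connections that finished the handshake
        local, peer = fields[3], fields[4]
        yield int(local.rsplit(":", 1)[1]), peer.rsplit(":", 1)[0]

def classify(lines):
    """Map each flagged port to (verdict, top peer or peer count, half-open total)."""
    per_port = {}
    for port, peer in parse_half_open(lines):
        per_port.setdefault(port, Counter())[peer] += 1
    verdicts = {}
    for port, peers in per_port.items():
        total = sum(peers.values())
        if total <= HALF_OPEN_LIMIT:
            continue  # a few half-open handshakes are normal
        top_peer, top_count = peers.most_common(1)[0]
        if top_count / total >= DOMINANT_SHARE:
            verdicts[port] = ("single-source", top_peer, total)
        else:
            verdicts[port] = ("distributed", len(peers), total)
    return verdicts

def build_sample():
    """Constructed rows (documentation address ranges), not a real capture."""
    rows = ["State Recv-Q Send-Q Local Address:Port Peer Address:Port",
            "ESTAB 0 0 192.0.2.10:443 203.0.113.5:40000"]
    # Port 443: ten unfinished handshakes from one peer.
    rows += [f"SYN-RECV 0 0 192.0.2.10:443 198.51.100.7:{50000 + i}" for i in range(10)]
    # Port 80: eight unfinished handshakes from eight different peers.
    rows += [f"SYN-RECV 0 0 192.0.2.10:80 203.0.113.{i}:41000" for i in range(1, 9)]
    # Port 22: two unfinished handshakes, below the limit.
    rows += [f"SYN-RECV 0 0 192.0.2.10:22 198.51.100.{i}:42000" for i in (20, 21)]
    return rows

if __name__ == "__main__":
    for port, verdict in sorted(classify(build_sample()).items()):
        print(port, verdict)
```

Source addresses on unfinished handshakes can be spoofed, so read the verdict as a description of the traffic's shape rather than proof of who sent it.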