The IT Law Wiki


A denial-of-service attack (DoS) (also called an availability attack) is

one in which an attack from a single source overwhelms a target computer with messages, denying access to legitimate users without actually having to compromise the targeted computer.[1]
[a] method of attack that denies system access to legitimate users without actually having to compromise the targeted system. From a single source, the attack overwhelms the target computers with messages and blocks legitimate traffic. It can prevent one system from being able to exchange data with other systems or prevent the system from using the Internet.[2]
attempts to prevent legitimate users from accessing a resource — in this case a network or website. This is most commonly done by "flooding" a network with information and overloading the server with so many requests for information that it cannot process other, legitimate requests.[3]
involves flooding a targeted system with incoming, useless traffic with the goal of making the attacked network unavailable to its intended users.[4]

Although frequently intentional, a DoS can also occur unintentionally through a misconfigured system.

How it works[]

In some ways, DOS attacks are like heavy storms that overload gutters. As more rainwater falls into the gutter system than it can handle, water backs up, unable to flow through until the rain lets up.[5]

The design of the Internet Protocol technology permits the mounting of denial-of-service attacks. Denial-of-service attacks compromise the availability of computer resources.

There are two types of denial-of-service attacks. The first type of attack attempts to damage or destroy computer resources. The second type of attack overloads some system service or exhausts some resource, thus preventing others from using that service.

Viruses and worms are commonly used to launch denial-of-service attacks, which generally flood targeted networks and systems with so much data transmission that regular traffic is either slowed or completely interrupted. Such attacks have been utilized ever since the groundbreaking Morris worm, which brought 10% of the systems connected to the Internet to a halt in November 1988. In 2001, the Code Red worm used a denial-of-service attack to affect millions of computer users by shutting down websites, slowing Internet service, and disrupting business and government operations.

Denial-of-service attacks are very common on the Internet. Malicious attackers shut down websites, reboot computers, or clog networks with junk packets. DOS attacks can be very serious, especially when the attacker is clever enough to launch an ongoing, untraceable attack. Websites serious about security can launch these same attacks against themselves to determine how much damage can be done.

Since the sender is not interested in return traffic, it usually fakes the source addresses in its packets, making it much harder to identify the source of the attack.

"A DOS attack itself does not constitute an intrusion into the network or website, but it may be combined with other forms of attack to compromise the confidentiality or integrity of the network or its data."[6]


See also[]