So what the heck is a denial of service anyway? Well, it simply means that some service on your computer is completely or partially unavailable.

A Denial of Service (DoS) attack is any attack that consumes or disables resources in order to interrupt services to legitimate users. The objective of a DoS attack is to disrupt normal operations, not to destroy or steal data. This causes inconvenience at best, and diminished revenue and reputation for the victim at worst.

It's like when you try to access your website but it's very slow, because some robots are downloading all your content and your bandwidth and CPU are at peak usage. Your website feels slow because someone attacked it and caused it to slow down.

DoS attacks are a major problem for security administrators because they take numerous forms, are very common, and can be very costly to the attacked businesses. A wide range of attack tools is available that allows malicious users to attack systems of all sorts, and many of these tools have easy-to-use graphical user interfaces that some hacker created for the purpose of harming someone else's system. A DoS attacker need not have deep knowledge of networks or systems to launch a damaging attack, because many of the attack tools require only basic computer knowledge to operate.

These are some modes of attack:

* Causing your Windows XP PC to crash
* Clogging network connections to a web server with fake traffic, slowing users' traffic down or making them completely unable to load your web pages
* Overloading your computer system by consuming resources like disk space, so your computer doesn't have enough disk space left to run any other services on your server; the consumed resource can also be bandwidth, buffers, or queues
* Remotely causing your system to crash
* The most common is overwhelming a DNS server with lookup requests until it runs out of memory and crashes, making it impossible to resolve addresses for the domains it serves, and thereby interrupting access to any web pages within the domain

Security admins should be familiar with the more common DoS attacks in order to secure their networks and systems against them. Here are some examples of DoS attacks:

SYN FLOOD:
A SYN flood attack prevents users from accessing a target server by flooding it with half-open TCP connections.

A normal TCP connection between two hosts is set up with an exchange of three packets:

1. The first packet is sent from the client to the server with the SYN flag set.
2. The server acknowledges the session by replying with a packet that has both the SYN and the ACK flags set.
3. The client responds to the server with an ACK packet. The TCP session is now completely established and the two hosts are able to exchange data.

If for some reason the client doesn't complete the connection by sending the ACK packet, the server waits a couple of minutes, giving the client plenty of time to respond, before cleaning the uncompleted connection from memory and making it available for use by others.
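As an added example (not part of the original article), this Python sketch applies the handshake above to a server-side packet log: it counts connections that received a SYN but never the final ACK, and flags a server when too many of them pile up. The record layout, the 120-second timeout, the threshold of 5 and the sample addresses are assumptions made for the illustration.

```python
from collections import namedtuple

# Inbound packets as seen by the server: (time in seconds, client, server, TCP flags).
# The SYN-ACK of step 2 is the server's own reply, so it is not in this log.
Event = namedtuple("Event", "t client server flags")

HALF_OPEN_TIMEOUT = 120  # assumption: "a couple of minutes" taken as 120 s
ALERT_THRESHOLD = 5      # assumption: illustrative alert level per server

def half_open_counts(events, now, timeout=HALF_OPEN_TIMEOUT):
    """Map each server to the handshakes still waiting for the final ACK at `now`."""
    pending = {}  # (client, server) -> time the SYN arrived
    for ev in sorted(events, key=lambda e: e.t):
        if ev.t > now:
            break
        key = (ev.client, ev.server)
        if ev.flags == "SYN":
            pending.setdefault(key, ev.t)   # step 1: server reserves memory
        elif ev.flags == "ACK":
            pending.pop(key, None)          # step 3: connection established
    counts = {}
    for (_, server), started in pending.items():
        if now - started < timeout:         # older entries were cleaned from memory
            counts[server] = counts.get(server, 0) + 1
    return counts

def flooded_servers(events, now, threshold=ALERT_THRESHOLD):
    """Servers whose half-open count has reached the alert threshold."""
    return sorted(s for s, n in half_open_counts(events, now).items() if n >= threshold)

# Constructed sample data (documentation address ranges, not captured traffic).
WEB, API = "203.0.113.10:80", "203.0.113.20:443"
SAMPLE = [
    Event(0.00, "198.51.100.7:40001", WEB, "SYN"),
    Event(0.05, "198.51.100.7:40001", WEB, "ACK"),   # normal client completes
    Event(1.00, "198.51.100.8:40002", API, "SYN"),
    Event(1.10, "198.51.100.8:40002", API, "ACK"),   # normal client completes
    Event(12.0, "198.51.100.9:40003", API, "SYN"),   # one slow client, no ACK yet
] + [
    # eight SYNs to WEB that are never followed by an ACK
    Event(10 + i, f"192.0.2.{i + 1}:{50000 + i}", WEB, "SYN") for i in range(8)
]

if __name__ == "__main__":
    for now in (20, 131, 200):
        print(now, half_open_counts(SAMPLE, now), flooded_servers(SAMPLE, now))
```

A single unanswered SYN, like the slow client here, stays below the threshold; only the pile-up on one server is flagged, and it clears by itself once the timeout has passed.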


Did this help you?