What is a Denial-Of-Service Attack?

A denial-of-service (DoS) attack attempts to prevent legitimate users from accessing information or services. By targeting your computer and its network connection, or the computers and network of the sites you are trying to use, an attacker may be able to prevent you from accessing email, websites, online accounts, banking, root name servers, or other services that rely on the affected computer.

One common method of attack involves saturating the target machine with communications requests, so that it cannot respond to legitimate traffic, or responds so slowly that it is effectively unavailable.

During normal network communications using TCP/IP, a user contacts a server with a request to display a web page, download a file, or run an application. The user's request begins with a greeting message called a SYN. The server responds with its own SYN along with an acknowledgment (ACK) of the SYN it received from the user in the initial request; this combined reply is called a SYN+ACK. The server then waits for a reply, or ACK, from the user acknowledging that it received the server’s SYN. Once the user replies, the communication connection is established and data transfer can begin.

In a DoS attack against a server, the attacker sends a SYN request to the server. The server then responds with a SYN+ACK and waits for a reply. However, the attacker never responds with the final prerequisite ACK needed to complete the connection.

The server continues to “hold the line open” and wait for a response (which is not coming) while at the same time receiving more false requests and keeping more lines open for responses. After a short period, the server runs out of resources and can no longer accept legitimate requests.
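On a Linux server, the half-open connections described above appear as sockets in the `SYN-RECV` state. The following is an added example, not part of the original article: it counts those sockets per listening address from text in the column layout of `ss -ant`. The sample lines, the function name `half_open_report`, and the alert rule are assumptions made for illustration.

```python
from collections import Counter, defaultdict

# Constructed sample in the column layout of `ss -ant`; not taken from a real host.
SAMPLE = """\
State    Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN   0      128    0.0.0.0:443        0.0.0.0:*
ESTAB    0      0      192.0.2.10:443     203.0.113.5:40022
ESTAB    0      0      192.0.2.10:443     203.0.113.6:40100
SYN-RECV 0      0      192.0.2.10:443     198.51.100.7:51514
SYN-RECV 0      0      192.0.2.10:443     198.51.100.7:51515
SYN-RECV 0      0      192.0.2.10:443     198.51.100.7:51516
SYN-RECV 0      0      192.0.2.10:443     198.51.100.8:33001
SYN-RECV 0      0      192.0.2.10:443     198.51.100.9:33002
SYN-RECV 0      0      192.0.2.10:443     203.0.113.77:60000
ESTAB    0      0      192.0.2.10:22      203.0.113.5:50122
SYN-RECV 0      0      192.0.2.10:22      203.0.113.9:50200
"""

def half_open_report(ss_output, threshold=4):
    """Flag listeners holding many connections that never got the final ACK."""
    half_open = defaultdict(Counter)   # listener -> Counter of peer IPs in SYN-RECV
    established = Counter()            # listener -> completed handshakes
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5:
            continue
        state, local, peer = fields[0], fields[3], fields[4]
        if state == "SYN-RECV":
            half_open[local][peer.rsplit(":", 1)[0]] += 1
        elif state == "ESTAB":
            established[local] += 1
    alerts = []
    for listener, peers in sorted(half_open.items()):
        total = sum(peers.values())
        # Assumed rule: many half-open sockets AND more of them than real sessions.
        if total >= threshold and total > established[listener]:
            alerts.append({
                "listener": listener,
                "half_open": total,
                "established": established[listener],
                "distinct_peers": len(peers),   # many sources = harder to block by IP
                "top_peer": peers.most_common(1)[0],
            })
    return alerts

if __name__ == "__main__":
    for alert in half_open_report(SAMPLE):
        print(alert)
```

A single `SYN-RECV` socket is normal during any handshake, which is why the rule compares the half-open count against both a floor and the number of established sessions on the same listener.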

A variation of the DoS attack is the distributed denial-of-service (DDoS) attack. Instead of using one computer, a DDoS attack may use thousands of remote-controlled zombie computers in a botnet to flood the victim with requests. The large number of attackers makes it almost impossible to locate and block the source of the attack. Most DoS attacks are of the distributed type.

An older type of DoS attack is the smurf attack. During a smurf attack, the attacker sends a request to a large number of computers and makes it appear as if the request came from the target server. Each computer responds to the target server, overwhelming it and causing it to crash or become unavailable. Smurf attacks can be prevented with a properly configured operating system or router, so such attacks are no longer common.
