In a DoS, the attacker does not actually access the system. Rather, this person simply blocks access
from legitimate users (CERT, 2003). One common way to prevent legitimate service is to flood the
targeted system with so many false connection requests that the system cannot respond to legitimate
requests. DoS is a very common attack because it is so easy.
In recent years there has been a proliferation of DoS tools available on the Internet. One of the most
common such tools is the Low Orbit Ion Cannon (LOIC). Because these tools can be downloaded for
free from the Internet, anyone can execute a DoS attack, even without technical skill.
We also have variations, such as the DDoS attack. This uses multiple machines to attack the target.
Given that many modern websites are hosted in network clusters or even in clouds, it is very difficult
for a single attacking machine to generate enough traffic to take down a web server. But a network
of hundreds or even thousands of computers certainly can. We will explore DoS and DDoS attacks in
more detail in Chapter 4, “Denial of Service Attacks.”
0 Comments