This chapter will give you a firm understanding of what constitutes
a denial-of-service (DoS) attack, the tools and methods
used to deploy it, and strategies used to defend against such
attacks. DoS is one of the most interesting methodologies employed by the hacking
community because of its dramatic impact on the targeted victim and the widely varied base
of tools used to launch the attack. Additionally, the means of successfully launching a DoS
attack are many, but the end result is essentially the same; as an attacker, your goal is to
completely remove the availability of the targeted resource. As you progress through the
sections of this chapter, remember your focus when exploring DoS in all its variations.
Your goal is to remove the “A” from the Confidentiality, Integrity, and Availability triad.
Understanding DoS
Denial of service is an attack that aims at preventing normal communication with a
resource by disabling the resource itself, or by disabling an infrastructure device
providing connectivity to it. The disabled resource could be in the form of customer data, website
resources, or a specific service, to name a few. The most common form of DoS is to flood
a victim with so much traffic that all available resources of the system are overwhelmed
and unable to handle additional requests. The attacker floods the victim network with
extremely large amounts of useless data or data requests, thereby overwhelming the
network and rendering it useless or unavailable to legitimate users.
So what are the signs of a potential DoS attack? A few signs may indicate
that a DoS attack is in effect, such as:
■ Unavailability of a resource
■ Loss of access to a website
■ Slow performance
■ Increase in spam e-mails
Be cautious with the warning signs. As with anything in this book, you will
need to do further examination to determine if you have a genuine attack
on your hands or just a localized network issue.
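The further examination the note above calls for can start with request logs. The following Python sketch is an added example, not code from the book: it labels each one-second window of a constructed request log as normal, flood-suspect (volume far above the median baseline) or degraded-no-surge (errors without extra volume, which points toward a local fault). The tuple layout, thresholds and function names are assumptions.

```python
from collections import Counter, defaultdict
from statistics import median

def build_sample():
    """Constructed log of (second, source_ip, http_status); not real traffic."""
    rows = []
    for sec in range(10):
        # Four ordinary clients every second (documentation-range addresses).
        status = 503 if sec == 8 else 200   # second 8: errors with no extra load
        rows += [(sec, f"198.51.100.{c}", status) for c in range(1, 5)]
        if sec in (6, 7):                   # seconds 6-7: one source sends a burst
            rows += [(sec, "203.0.113.9", 503)] * 50
    return rows

def triage(rows, rate_factor=5, error_threshold=0.5):
    """Label each one-second window; thresholds are illustrative assumptions."""
    per_sec = defaultdict(list)
    for sec, src, status in rows:
        per_sec[sec].append((src, status))
    # Median as baseline: only valid while surges cover under half the windows.
    baseline = median(len(reqs) for reqs in per_sec.values())
    report = {}
    for sec in sorted(per_sec):
        reqs = per_sec[sec]
        error_rate = sum(status >= 500 for _, status in reqs) / len(reqs)
        top_src, top_n = Counter(src for src, _ in reqs).most_common(1)[0]
        if len(reqs) >= rate_factor * baseline:
            label = "flood-suspect"         # volume surge: examine sources next
        elif error_rate >= error_threshold:
            label = "degraded-no-surge"     # failing without load: check locally
        else:
            label = "normal"
        report[sec] = {"label": label, "requests": len(reqs),
                       "error_rate": round(error_rate, 2),
                       "top_source": top_src,
                       "top_share": round(top_n / len(reqs), 2)}
    return report

if __name__ == "__main__":
    for sec, info in triage(build_sample()).items():
        print(sec, info)
```

A high top_share in a flood-suspect window means one source dominates the surge; a low one means the volume is spread across many sources and per-source thresholds alone will miss it.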