First page Back Continue Last page Summary Graphics

Denial of Service Attacks


Denial-of-service attacks are based on the idea of flooding your system with packets in such a way as to disrupt or seriously degrade your Internet connection, tying up local servers to the extent that legitimate requests can’t be honored, or in the worst case, crashing your system altogether. The two most common results are keeping the system too busy to do anything useful and tying up critical system resources.

You can’t protect against denial-of-service attacks completely. They can take as many different forms as the attacker’s imagination allows. Anything that results in a response from your system, anything that results in your system allocating resources, anything that induces a remote site to stop communicating with you, all can be used in a denial-of-service attack.
These attacks usually involve one of several classic patterns, however, including TCP SYN flooding, ping flooding, UDP flooding, and ICMP routing redirect bombs.