When a Denial of Service attack occurs, is it vandalism and mischief, an act of war, or a new form of democratic protest? The answer to that question might depend on which side you are on — it is a bit like the quote that “one man’s terrorist is another man’s freedom fighter“. Regardless of your point of view, it is a way to take control of someone else’s data and information by denying others access to it — to illegally tame it, if you will.
First, let’s examine the official definitions of a Denial of Service attack and a Distributed Denial of Service attack.
The information quoted below is from the web site of the United States Computer Emergency Readiness Team (US-CERT).
What is a denial-of-service (DoS) attack?
In a denial-of-service (DoS) attack, an attacker attempts to prevent legitimate users from accessing information or services. By targeting your computer and its network connection, or the computers and network of the sites you are trying to use, an attacker may be able to prevent you from accessing email, websites, online accounts (banking, etc.), or other services that rely on the affected computer.
The most common and obvious type of DoS attack occurs when an attacker “floods” a network with information. When you type a URL for a particular website into your browser, you are sending a request to that site’s computer server to view the page. The server can only process a certain number of requests at once, so if an attacker overloads the server with requests, it can’t process your request. This is a “denial of service” because you can’t access that site.
An attacker can use spam email messages to launch a similar attack on your email account. Whether you have an email account supplied by your employer or one available through a free service such as Yahoo or Hotmail, you are assigned a specific quota, which limits the amount of data you can have in your account at any given time. By sending many, or large, email messages to the account, an attacker can consume your quota, preventing you from receiving legitimate messages.
What is a distributed denial-of-service (DDoS) attack?
In a distributed denial-of-service (DDoS) attack, an attacker may use your computer to attack another computer. By taking advantage of security vulnerabilities or weaknesses, an attacker could take control of your computer. He or she could then force your computer to send huge amounts of data to a website or send spam to particular email addresses. The attack is “distributed” because the attacker is using multiple computers, including yours, to launch the denial-of-service attack.
Second, Patrick Clair provides an overview of what happens when someone or some group decides to block access to your online data.
I used to work at an ISP, and DoS and DDoS are not child’s play. Each one requires a huge expenditure of personnel time and effort to stop.
What did you think of the video? Are there any areas the creator didn’t cover, either technical or social? How well do you think we can protect our networks from a concerted attack going forward?