DoS Attack

DoS stands for denial-of-service attack, a type of attack on a network that is designed to bring the network to its knees by flooding it with useless traffic.

DDoS Attack

DDoS stands for Distributed Denial of Service. It is an attack in which multiple compromised systems, usually infected with a Trojan, are used to target a single system, causing a Denial of Service (DoS) attack.

DoS Attacks Are Characterized As:

* Attempts to flood a network
* Attempts to disrupt connections between two computers
* Attempts to prevent an individual from accessing a service or attempts to disrupt service to a specific system or person.

Hackers use DoS attacks to prevent legitimate uses of computer network resources. Those on the receiving end of a DoS attack may lose valuable resources, such as their e-mail services, Internet access or their Web server. Some DoS attacks may eat up all your bandwidth or even use up all of a system resource, such as server memory.

A DoS attack may very well appear to be legitimate traffic on the system or network, but it differs in that the volume and frequency of the traffic increase to unmanageable levels. An attack on a Web server, for example, would not look like normal spurts of visitors, but rather like a large barrage of hits in close proximity, so that the server cannot keep up with the sheer volume of page requests. On a mail server, hundreds of thousands of messages can be sent to the server in a short period of time, where the server would normally handle under a thousand messages in that same period. The targeted server would most likely be brought to a halt by a DoS attack because it runs out of swap space, process space or network connections.

While DoS attacks do not usually result in information theft or any security loss for a company, they can cost an organization both time and money while its network services are down.
Common Denial of Service Attacks

Buffer Overflow - Malicious hackers can launch buffer overflow attacks wherein data with instructions to corrupt a system are purposely written into a file in full knowledge that the data will overflow a buffer and release the instructions into the computer's own instructions.

Ping of Death - A type of DoS attack in which the attacker sends a ping request that is larger than 65,536 bytes, which is the maximum size that IP allows. While a ping larger than 65,536 bytes is too large to fit in one packet that can be transmitted, TCP/IP allows a packet to be fragmented, essentially splitting the packet into smaller segments that are eventually reassembled. This would effectively cause a buffer overload on the operating system at the receiving end, crashing the system.

Smurf Attack - A type of network security breach in which a network connected to the Internet is swamped with replies to ICMP echo (PING) requests. A smurf attacker sends PING requests to an Internet broadcast address. These are special addresses that broadcast all received messages to the hosts connected to the subnet. Each broadcast address can support up to 255 hosts, so a single PING request can be multiplied 255 times. The return address of the request itself is spoofed to be the address of the attacker's victim. All the hosts receiving the PING request reply to this victim's address instead of the real sender's address.

TCP SYN Attack - In a SYN attack, a sender transmits a volume of connections that cannot be completed. This causes the connection queues to fill up, thereby denying service to legitimate TCP users.

Teardrop - A Teardrop is a type of DoS attack where fragmented packets are forged to overlap each other when the receiving host tries to reassemble them.
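
The Ping of Death and Teardrop entries above both depend on malformed fragments. This added example, which is not part of the original page, shows the two sanity checks a reassembler or intrusion detection system can apply before reassembly. The Fragment type, the function name and the sample fragment sets are constructed for illustration, and the limit used in the code is the largest value the 16-bit IPv4 Total Length field can hold.

```python
from typing import NamedTuple

# Largest value of the 16-bit IPv4 Total Length field (header + payload).
MAX_DATAGRAM = 65535


class Fragment(NamedTuple):
    offset: int  # payload offset in bytes (the wire field counts 8-byte units)
    length: int  # payload bytes carried by this fragment


def check_fragments(fragments, header_len=20):
    """Return (kind, offset) findings for one datagram's fragments; [] means clean."""
    findings = []
    covered_to = 0  # highest payload byte already claimed by earlier fragments
    for frag in sorted(fragments, key=lambda f: f.offset):
        end = frag.offset + frag.length
        # Ping of Death pattern: the reassembled size exceeds what IP can express.
        if header_len + end > MAX_DATAGRAM:
            findings.append(("oversize", frag.offset))
        # Teardrop pattern: the fragment starts inside data another fragment supplied.
        # Exact retransmitted duplicates also trip this; tolerate them if needed.
        if frag.offset < covered_to:
            findings.append(("overlap", frag.offset))
        covered_to = max(covered_to, end)
    return findings


# Constructed sample inputs (not captured traffic).
NORMAL = [Fragment(0, 1480), Fragment(1480, 1480), Fragment(2960, 1040)]
OVERLAPPING = [Fragment(0, 36), Fragment(24, 4)]
OVERSIZE = [Fragment(0, 1480), Fragment(65528, 1000)]

if __name__ == "__main__":
    for name, frags in [("normal", NORMAL), ("overlapping", OVERLAPPING),
                        ("oversize", OVERSIZE)]:
        print(name, check_fragments(frags) or "clean")
```

Dropping a datagram as soon as either finding appears keeps the malformed data out of the reassembly buffer entirely.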