DoS


DoS is the short form for “denial of service” and refers to the fact that a server, a network or a service is rendered inoperable due to an excessive number of requests. A DoS can occur because of an attack, a software error or a massive influx of visitors. If a denial of service attack is performed via multiple locations simultaneously and coordinated, it is a distributed denial of service. If you perpetrate a DoS attack deliberately in Germany, you will face criminal prosecution by the authorities.

Types[edit]

A DoS attacks can be executed in various forms:

Syn flooding[edit]

In this form of DoS, the “handshake” which is performed during connection setup in TCP/IP-based networks between server and client is manipulated. During the exchange of SYN and ACK packets, the attacker inserts an unreachable return address. The target computer then tries to reply to this address, the answer runs into the void, so that the computer keeps trying to establish a connection. If such requests arrive in huge quantity, the server breaks down under the burden of trying to respond to these addresses.

E-mail bombing[edit]

In this case, a target computer is downright “bombarded” with thousands of e-mails.

Ping flooding[edit]

Using a ping, a program checks the availability of a computer on the Internet. If a DoS is to be brought about this way, the attacker sends off a huge amount of pings. The affected server or computer can become overloaded with the required responses to a point where it collapses. Especially older systems are affected by these attacks.

Unintentional DoS[edit]

However, it can also happen that a website breaks down because of an unforeseen peak in visitor numbers. This often happens when a particular event has occurred and users visit a particular website to obtain the latest information. But even promotional activities that create thousands of visitors can cause server crashes, such as the discounter Lidl in 2009. At pop concerts for popular artists, for example, the ticket server may become overloaded due to many requests.

Intentions[edit]

DoS attacks are carried out for different purposes. For one, criminals execute such attacks frequently to distract security systems while data is stolen at another location. Moreover, online stores get blackmailed with threatened DoS attacks. Secondly, DoS attacks are also carried out as a protest. An example is the hacker group Anonymous, which paralyzed the payment network PayPal using a DDoS.