Get this Security+ CertiGuide for your own computer.
Click Here!
Use coupon code "certiguide" to save 20%!
(Expires 2004/12/31)

Also available: 300-question Security+ practice test!
Get It Here!

Custom Search







Table Of Contents  CertiGuide to Security+
 9  Chapter 1:  General Security Concepts (Domain 1.0; 30%)
      9  1.4  Attacks

Previous Topic/Section
1.4  Attacks
Previous Page
Pages in Current Topic/Section
1
Next Page
Impact of DDos Attacks
Next Topic/Section

1.4.1  Denial of Service (DoS) / Distributed Denial of Service (DDoS)

One of the more popular attacks of recent times is the DoS attack, or “Denial of Service.” A DoS attack does just what its name suggests – denies legitimate users access to some network or system service. It’s based on a simple premise – the attacker attempts to flood the target with large amounts of data, with one of two results:

  • The network it sits on becomes saturated with this data and is thus unusable.

  • Eventually, a device on the network (such as a firewall or router) or the targeted host itself will succumb to this flood of data, and stop serving legitimate requests.

A variant on this attack – DDoS, or “Distributed Denial of Service” – produces the same result by sending a coordinated flood of data from multiple hosts, generally from multiple locations around the Internet. These hosts are usually machines that the attacker has previously broken into and “Trojaned” with a “DDoS client” such as Trinoo, whose purpose is to stage a DoS attack on a target system. At the attacker’s signal, these hosts spring into life and start sending data to the target as quickly as possible. This type of attack is becoming more of a concern as more home users gain broadband connections and place systems on public networks without properly securing them first. Even today’s wireless phones are subject to a DoS attack65.

DoS/DDoS

A Denial-of-Service (DoS) attack is an attempt to flood the target with data, so that either the target network is saturated with data, or the target host is saturated with requests, resulting in services being denied to legitimate users.

A Distributed Denial-of-Service (DDoS) attack is a DoS attack implemented by staging a DoS attack against a target from multiple systems simultaneously.

Trinoo is a classic DDoS tool


Quick navigation to subsections and regular topics in this section



 __________________

65. http://www.zdnet.com.au/newstech/security/story/0,2000024985,20272408,00.htm

Previous Topic/Section
1.4  Attacks
Previous Page
Pages in Current Topic/Section
1
Next Page
Impact of DDos Attacks
Next Topic/Section

If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $



Home - Table Of Contents - Contact Us

CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.