DoS and DDoS
A Denial-of-Service (DoS) attack is a malicious attempt to disrupt the operation of a computer system or network that is connected to the Internet. The most common form of attack consumes the bandwidth of the victim network or overloads the computational resources of the victim system.
DoS attacks are particularly concerning because they usually target a specific organisation. As a consequence, the attacker might be the same sort of person who creates viruses or worms, but the range of possible attackers also includes many others who have the motive, knowledge and resources to do considerable damage.
The most common form of defence against a DoS attack is to locate the source of the attack and to filter out the attacker’s network traffic from that source.
A Distributed Denial-of-Service (DDoS) attack is a more dangerous evolution of a DoS attack because it utilises a network of compromised zombie computers to mount the attack, so there is no identifiable single source.
The attacker compromises the zombie computers using a specially crafted piece of malicious software that allows the attacker to instruct the zombies to send messages to the victim organisation, creating a denial of service.
These networks of zombies, known as botnets, are used for other purposes as well as DDoS, most commonly for sending spam email. They are so widely used that there is even a black market where a person or organisation wishing to launch a DDoS attack can purchase access to a large number of existing zombies.
Countering a DDoS attack can be thought of as a trial of strength. The attacker is seeking to saturate a finite resource of the victim, be it bandwidth, CPU cycles or disk space. The defender is seeking to provide sufficient resource, or to stop enough of the attacker’s messages, to prevent that saturation.
A determined DDoS attack is difficult to mitigate; websites can be protected by hosting cached content across many servers, but this solution can be expensive.
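The difference between filtering a single source and facing a distributed attack can be worked through on one second of traffic. This is an added example, not part of the original article; the addresses, request rates, server capacity and per-source limit are all constructed for illustration.

```python
from collections import Counter

CAPACITY = 500   # requests/second the server can handle (assumed)
LIMIT = 20       # requests/second allowed per source before filtering (assumed)

def assess_window(sources, capacity=CAPACITY, per_source_limit=LIMIT):
    """Apply source filtering to one second of traffic.

    sources: one source address per request seen in the window.
    Returns (blocked, residual, shortfall):
      blocked   - sources filtered for exceeding the per-source limit
      residual  - requests/second still reaching the server
      shortfall - extra capacity needed to avoid saturation (0 if none)
    """
    counts = Counter(sources)
    blocked = {src for src, n in counts.items() if n > per_source_limit}
    residual = sum(n for src, n in counts.items() if src not in blocked)
    return blocked, residual, max(0, residual - capacity)

# Constructed sample traffic -------------------------------------------
def legitimate_clients(n=50, rate=2):
    # 50 ordinary clients, 2 requests/second each
    return [f"192.0.2.{i}" for i in range(1, n + 1) for _ in range(rate)]

def single_source_flood(rate=900):
    # DoS: one machine sends everything, so it stands out in the counts
    return ["203.0.113.9"] * rate

def distributed_flood(zombies=400, rate=5):
    # DDoS: each zombie stays well under the per-source limit
    return [f"10.{i // 250}.0.{i % 250 + 1}"
            for i in range(zombies) for _ in range(rate)]

def run():
    dos = assess_window(legitimate_clients() + single_source_flood())
    ddos = assess_window(legitimate_clients() + distributed_flood())
    return dos, ddos

if __name__ == "__main__":
    for name, (blocked, residual, shortfall) in zip(("DoS", "DDoS"), run()):
        print(f"{name}: blocked={len(blocked)} sources, "
              f"residual={residual}/s, shortfall={shortfall}/s")
```

In the distributed case no source exceeds the limit, so nothing is filtered and the defender is left to supply the shortfall in capacity or find another way to tell zombie traffic from legitimate traffic.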
05/02/2009