A method of
censorship currently practiced by those who are not
authorities. A DOS attack works by sending a large number of phony
pings or
page view requests to a specific
server, overwhelming it. Those servers that are not shut down by the attack are slowed to a crawl as they try to filter out the few real requests from the fake ones.
DOS attacks are difficult to track, because the packets received by the server have forged their return address to be a bogus IP.
The improvement of server technology has made a DOS attack from a single computer difficult, when not impossible. Thus, the Distributed Denial of Service attack, or DDOS, has come about. A DDOS attack works like this:
- The hacker/cracker/script kiddie breaks into a bunch of computers and installs a slave program on them.
- Our Bad Guy picks out his target.
- The Bad Guy uses his own computer to tell his slave computers to start sending phony page view requests to the target.
- The target gets overwhelmed with page view requests from dozens, if not hundreds of slave computers.
In February of 2000, several large sites, including
Yahoo,
Amazon.com,
Buy.com and
E*Trade were hit in rapid succession by parties as yet
unknown in a massive DDOS attack.
A DOS attack itself should not be confused with hacking or cracking, as the attacker never gains any access to the target machine.