|
Describes a particular form of electronic
attack against a website or other digital service that result in a
temporary loss of service and access to resources. Denial of service (dos)
attacks rarely damage data or equipment, but they can be expensive for their
targets, especially if the attack is prolonged. In February 2000, some of
the world's largest websites, including yahoo, amazon and
ebay, were forced offline for several hours by such attacks. More
recently, an unknown assailant attacked the computers at the heart of the
internet's domain name system, bringing down several core servers
and disrupting internet activity all over the world.
Distributed
denial of service (ddos) attacks are almost always made by malicious
crackers. They usually involve the sending of vast amounts of data
across the internet to a server that is not equipped to deal with it, from
either a single computer or, more commonly, a widely distributed group of
computers (known as zombies) that have been programmed to attack a
particular site at the same time. Some targets have reported that servers
were being flooded with as much as 1 gigabyte of data per second. A
high-profile attack on Gibson Research Corporation's site in early 2001 was
co-ordinated by a 13-year-old boy from 474 separate pcs, and a
subsequent invasion involved the transmission of over 2 billion malicious
data packets.
Some companies have been accused of crying dos attack
to mask server crashes and other self-generated errors, in the hope of
diverting attention away from serious internal problems. Many kinds of
dos attacks are known, including the syn, Teardrop and Smurf
varieties. Most security experts agree that there is no good defence against
a determined ddos attack once it has started, and have called for
changes to some elements of the internet backbone system to allow
blocking of packets before they reach their target. |
