A Denial-of-Service (DoS) attack is a malicious attempt to disrupt the normal functioning of a targeted server, service, or network by overwhelming it with a flood of illegitimate traffic or requests. The goal of a DoS attack is to render the target inaccessible to its intended users, causing a denial of service. This can result in legitimate users being unable to access the service or website, leading to loss of productivity, revenue, or reputation for the targeted entity.
There are various types of DoS attacks, including:
-
Volume-based attacks: These flood the target with a high volume of traffic, such as through a flood of UDP, ICMP, or SYN packets, overwhelming its capacity to handle legitimate requests.
-
Protocol attacks: Exploit weaknesses in the protocols used to establish connections between computers. For example, SYN flood attacks overwhelm the target by sending a large number of SYN packets, but never completing the handshake to establish a connection.
-
Application layer attacks (Layer 7 attacks): These exploit vulnerabilities in the application layer protocols, targeting specific functions or resources of a web application or server. Examples include HTTP floods or Slowloris attacks.
DoS attacks can be launched by individuals, groups, or even state-sponsored entities, and they can have serious consequences ranging from temporary disruption to long-term damage, depending on the target and the severity of the attack.