Originally posted by savant123456
Waytoolong (my bitch),
Before I keep my ignorant trap shut and mind my own business, I would like to put in my two cents worth:
A "denial-of-service" attack is characterized by an explicit attempt by attackers to prevent legitimate users of a service from using that service. Examples include: attempts to "flood" a network, thereby preventing legitimate network traffic.
Denial-of-service attacks come in a variety of forms and aim at a variety of services. There are three types of attack:
- consumption of scarce, limited, or non-renewable resources
- destruction or alteration of configuration information
- physical destruction or alteration of network components
Let's just talk about the first one,
Consumption of Scarce Resources
Computers and networks need certain things to operate: network bandwidth, memory and disk space, CPU time, data structures etc.
Bandwidth Consumption
An intruder may also be able to consume all the available bandwidth on your network by generating a large number of packets directed to your network. Typically, these packets are ICMP ECHO packets, but in principle they may be anything. Further, the intruder need not be operating from a single machine; he may be able to coordinate or co-opt several machines on different networks to achieve the same effect. (Like multiple idiots using this script)
Consumption of Other Resources
In addition to network bandwidth, intruders may be able to consume other resources that your systems need in order to operate. For example, in many systems, a limited number of data structures are available to hold process information (process identifiers, process table entries, process slots, etc.). An intruder may be able to consume these data structures by writing a simple program or script that does nothing but repeatedly generate queries. Many modern operating systems have quota facilities to protect against this problem, but not all do. Further, even if the process table is not filled, the CPU may be consumed by a large number of processes and the associated time spent switching between processes.
Also, many sites have schemes in place to "lockout" an account after a certain number of failed login attempts. A typical setup locks out an account after 3 or 5 failed login attempts. An intruder may be able to use this scheme to prevent legitimate users from logging in. (Like in this case where the status is not available to other users due to quota restrictions)
Legal Issues:
Many organizations can suffer financial loss as a result of such tactics and may wish to pursue criminal or civil charges against the intruder. Many government organizations such as BCIS are vulnerable to such attacks and hence enlist the help of private soft companies for tracking an intruder.
Idiots like waytoolong do not understand the complexity of an issue but feel threatened if someone makes them aware of it. I have no vested interest in this. Feel free to use this facility at ur own discretion.
-Savant
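
Added example, not part of the original post: a small simulation of the account-lockout scheme the post describes, next to an assumed alternative that counts failures per (account, source) pair, so repeated bad logins from one source do not lock the real owner out. The event list, the addresses, the function names and the 300-second window are all constructed for illustration.

```python
from collections import defaultdict

# Constructed sample events: (time_s, account, source, password_ok).
# Addresses come from documentation ranges; nothing here is from the post.
EVENTS = [
    (0, "alice", "203.0.113.9", False),
    (1, "alice", "203.0.113.9", False),
    (2, "alice", "203.0.113.9", False),
    (3, "alice", "203.0.113.9", False),
    (10, "alice", "198.51.100.7", True),  # the real account owner
]

def per_account_lockout(events, limit=3):
    """Hard lockout as the post describes: `limit` failures lock the account."""
    failures = defaultdict(int)
    out = []
    for ts, account, source, ok in events:
        if failures[account] >= limit:
            out.append((ts, source, "locked"))
        elif ok:
            failures[account] = 0
            out.append((ts, source, "granted"))
        else:
            failures[account] += 1
            out.append((ts, source, "denied"))
    return out

def per_source_throttle(events, limit=3, window=300):
    """Assumed alternative: count failures per (account, source) in a window."""
    recent = defaultdict(list)
    out = []
    for ts, account, source, ok in events:
        key = (account, source)
        # Keep only failures that are still inside the sliding window.
        recent[key] = [t for t in recent[key] if ts - t < window]
        if len(recent[key]) >= limit:
            out.append((ts, source, "throttled"))
        elif ok:
            out.append((ts, source, "granted"))
        else:
            recent[key].append(ts)
            out.append((ts, source, "denied"))
    return out

if __name__ == "__main__":
    for name, policy in (("per-account", per_account_lockout),
                         ("per-source", per_source_throttle)):
        print(name, [verdict for _, _, verdict in policy(EVENTS)])
```

Per-source counting only helps against a single noisy source; failures spread over many sources still need a global limit or a second factor.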