Skip to content
Get A Demo
Free SIEM

    Denial of Service

    A denial-of-service (DoS) is any type of attack where the attackers attempt to prevent legitimate users from accessing the service. In a DoS attack, the attacker usually sends excessive messages asking the network or server to authenticate requests that have invalid return addresses.

    The network or server will not be able to find the return address of the attacker when sending the authentication approval, causing the server to wait before closing the connection. When the server closes the connection, the attacker sends more authentication messages with invalid return addresses. Hence, the process of authentication and server wait will begin again, keeping the network or server busy.

    A DoS attack can be done in a several ways. The basic types of DoS attack include:

    • Flooding the network to prevent legitimate network traffic
    • Disrupting the connections between two machines, thus preventing access to a service
    • Preventing a particular individual from accessing a service.
    • Disrupting a service to a specific system or individual
    • Disrupting the state of information, such resetting of TCP sessions

    Another variant of the DoS is the smurf attack. This involves emails with automatic responses. If someone emails hundreds of email messages with a fake return email address to hundreds of people in an organization with an autoresponder on in their email, the initial sent messages can become thousands sent to the fake email address. If that fake email address actually belongs to someone, this can overwhelm that person’s account.

    DoS attacks can cause the following problems:

    • Ineffective services
    • Inaccessible services
    • Interruption of network traffic
    • Connection interference