Denial of Service Attacks
http://www.cert.org/tech_tips/denial_of_service.html
--------------------------------------------------------------------------------


Description
Impact
Modes of Attack
Consumption of Scarce Resources
Network Connectivity
Using Your Own Resources Against You
Bandwidth Consumption
Consumption of Other Resources
Destruction of Alteration of Configuration Information
Physical Destruction or Alteration of Network Components
Prevention and Response
Revision History

--------------------------------------------------------------------------------


Description
This document provides a general overview of attacks in which the primary goal of the attack is to deny the victim(s) access to a particular resource. Included is information that may help you respond to such an attack.

A "denial-of-service" attack is characterized by an explicit attempt by attackers to prevent legitimate users of a service from using that service. Examples include


attempts to "flood" a network, thereby preventing legitimate network traffic
attempts to disrupt connections between two machines, thereby preventing access to a service
attempts to prevent a particular individual from accessing a service
attempts to disrupt service to a specific system or person

Not all service outages, even those that result from malicious activity, are necessarily denial-of-service attacks. Other types of attack may include a denial of service as a component, but the denial of service may be part of a larger attack.

Illegitimate use of resources may also result in denial of service. For example, an intruder may use your anonymous ftp area as a place to store illegal copies of commercial software, consuming disk space and generating network traffic

Impact
Denial-of-service attacks can essentially disable your computer or your network. Depending on the nature of your enterprise, this can effectively disable your organization.

Some denial-of-service attacks can be executed with limited resources against a large, sophisticated site. This type of attack is sometimes called an "asymmetric attack." For example, an attacker with an old PC and a slow modem may be able to disable much faster and more sophisticated machines or networks.

U.S. sites interested in an investigation of a denial-of-service attack can contact their local FBI field office for guidance and information. For contact information for your local FBI field office, please consult your local telephone directory or see the FBI's contact information web page:

http://www.fbi.gov/contactus.htm