CertiGuide to Security+  9  Chapter 1:  General Security Concepts (Domain 1.0; 30%)       9  1.4  Attacks

1.4  Attacks 1 Impact of DDos Attacks

One of the more popular attacks of recent times is the DoS attack, or “Denial of Service.” A DoS attack does just what its name suggests – denies legitimate users access to some network or system service. It’s based on a simple premise – the attacker attempts to flood the target with large amounts of data, with one of two results:

• The network it sits on becomes saturated with this data and is thus unusable.
  
  
• Eventually, a device on the network (such as a firewall or router) or the targeted host itself will succumb to this flood of data, and stop serving legitimate requests.

A variant on this attack – DDoS, or “Distributed Denial of Service” – produces the same result by sending a coordinated flood of data from multiple hosts, generally from multiple locations around the Internet. These hosts are usually machines that the attacker has previously broken into and “Trojaned” with a “DDoS client” such as Trinoo, whose purpose is to stage a DoS attack on a target system. At the attacker’s signal, these hosts spring into life and start sending data to the target as quickly as possible. This type of attack is becoming more of a concern as more home users gain broadband connections and place systems on public networks without properly securing them first. Even today’s wireless phones are subject to a DoS attack⁶⁵.

1.4  Attacks 1 Impact of DDos Attacks