analytical Q diaryjournalphotoscontact
Journal Entries

Bon Journal

Denial of service demystified

courtesy of the Hungry Poet

Denial of service attacks do not always bring "down" web servers, especially if it is a mild one. They merely cause so much traffic conjestion no legitimate user can access the web services provided by the servers.

Without being too technical, the best way to explain denial of service is to use the home telephone as an analogy. Picture this scenario:

  • you have one telephone line at home
  • prankster wishing to cause "denial of service" sets up a few autodialers
  • using a few phone lines to constantly dial your phone number
  • every time your phone rings, you pick it up and then you hang up
  • as soon as you hang up, the phone rings again
  • all your friends cannot get through to your phone because it's constantly engaged
  • you cannot make a call because it's constantly ringing
  • you are denied any telephony service, both incoming and outgoing

Simply put, that's what happens to web servers being bombarded by denial of service attacks - they are so busy responding to prankster accesses that legitimate requests rarely ever get served, if at all. Web servers can be brought down by DOS attack if they are unable to cope or recover from excessive traffic in severe cases of attacks.

A mild denial-of-service attack (aka "DOS" attack) will allow a small volume of legitimate accesses to be served so the end-user or client ends up with partial page loads.

DOS attacks launched from a large number of attack points is a Distributed Denial of Service or DDOS. There are many types of DOS attacks, hardware and software oriented, but they all ultimately result in preventing the target web server or resource from providing services to legitimate clients.

What you described earlier about the heading loading and then nothing else is loaded could resemble a mild DOS attack. What I experienced with earlier was a complete "not found" which means your web server was already down at the time. Your web hosting provider may say it is not down because the PC hardware running the web server software is still up (seen from the internal point of view), but the DNS server may be down or the HTML server software may be "hung" and needed a reboot. Some service providers do not regard this as "down" simply because the hardware is running - if they wish to keep the "uptime" statistics seem more impressive.

12 August 2002 Monday

Sometimes it's better left to the experts. In my experience, experts don't necessarily communicate in everyday language for the layman. But this one does, in response to my question about denial of service.
Recommend this page to a friend:
Your name:
Your email address:
Your friend(s):  (separate addresses with commas)
Your message: