Re: Denial of service

["Kevin T. Shivers" <kshivers () tis com>]

At 01:24 PM 8/17/98 -0400, you wrote:
> Hello,
>
> A quick question for anyone out there...What exactly is denial of service?
> And how can it be used to attack a particular server? I'm new to this, as
> I've only been working for about a year, and hear this term from time to
> time...thx.

Ok, I'm going to give this a try. Hopefully it will work.

A Denial of Service (DoS) attack does basically what it says. It denys
service to users. DoS attacks are things like the Out of Band packets send
to NT & 95 boxes which result in a Blue Screen of Death (BSOD), or like the
TCP-SYN attack which fills up the backlog queue of requests for connections
from spoofed IPs so that no one else can access a service on a machine.
These attacks can be used to block out a port (like WWW port 80) so that no
one can access a site's webpage. Or stuff like bonk, boink, teardrop, etc
cause BSODs forcing machines to be rebooted. Even fast pings or while(1) {
fork() } type of things can be seen as a DoS attack. All it has to do is
prevent people from using a box or service of that box. Hopefully this has
answered your questions, for more info look at some of the following
sites/papers/etc.

                o http://www.technotronic.com/denial.html
                o Phrack 48 which has information on the TCP-SYN  @ www.phrack.com
                o BugTraq archives @ www.geek-girl.com/bugtraq/

Hope it helped.

                                        kts


------------------
Kevin T. Shivers -- NT & UNIX Systems Mutilator
TIS Labs at Network Associates, Inc. 's BOFH
kshivers <at> tis <dot> com -- 301-854-5303
Scud Networks: http://www.clark.net/pub/mulder/
PGP Info @ http://www.clark.net/pub/mulder/pgp.key