Skip to content

Network Denial of Service

What is Network Denial of Service?

Network Denial of Service (DoS) refers to an attack that aims to disrupt the normal functioning of a targeted server, service, or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic. DoS attacks exploit the limits that apply to web servers, networks, and other internet infrastructure components. When a server or network is overloaded with connections, new connections can no longer be accepted. This effectively makes the service unavailable to legitimate users.

How does Network Denial of Service work?

  1. Volume-based Attacks: These involve saturating the bandwidth of the attacked site with a massive amount of traffic. Examples include UDP floods, ICMP floods, and other spoofed-packet floods.
  2. Protocol Attacks: These attacks consume actual server resources or those of intermediate communication equipment like firewalls and load balancers. Examples are SYN floods, fragmented packet attacks, Ping of Death, Smurf DDoS and more.
  3. Application Layer Attacks: These are sophisticated attacks targeting specific aspects of an application or service at Layer 7 (OSI model). They can disrupt services even with only a few machines generating a low traffic rate (as in HTTP slow POST attack).

Where does Network Denial of Service apply?

Network DoS attacks can be directed at any networked service at any layer in the OSI model but typically target layers 3 (Network), 4 (Transport), and 7 (Application). Common targets include:

  • Web servers like Apache HTTP Server or Nginx.
  • Online platforms such as financial services or e-commerce sites.
  • Other critical infrastructure including DNS services and email servers.
  • Network-connected devices forming part of IoT deployments.

Why use Network Denial of Service?

The motivations behind DoS attacks can vary widely but often include:

  • Extortion: Attackers demand money in return for ceasing the attack.
  • Political Activism: Disrupting services to make a political statement.
  • Business Rivalry: Disabling competitor’s services to gain business advantage.
  • Diversion Tactics: Distracting from other malicious activities such as data breaches.

Understanding these aspects helps in designing more robust systems that are resilient against such threats by implementing proper security measures like rate limiting, robust firewall configurations, proper input validation on application layers, and comprehensive monitoring and alerting systems for anomalous traffic patterns.