Stemming the DoS flood
Source: ZDNet - Posted by Pete O'Hara   
Intrusion Detection One the most aggravating Internet security threats today is a distributed denial-of-service attack--a flood of bogus network traffic that can effectively shut down a Web site. Far from going away, the phenomenon is evolving in different permutations. But new tools are . . . One the most aggravating Internet security threats today is a distributed denial-of-service attack--a flood of bogus network traffic that can effectively shut down a Web site. Far from going away, the phenomenon is evolving in different permutations. But new tools are emerging to help Internet administrators fight the problem.

DoS attacks are the Internet equivalent of someone placing thousands of crank phone calls per second to a switchboard. Whatever the psychology that lies behind them, DoS attacks have succeeded in felling the biggest sites on the Web, including those of Microsoft, Yahoo and, more recently, the Computer Emergency Response Team (CERT) Coordination Center at Carnegie Mellon University.

The conventional wisdom among security experts is that such attacks are, at best, a chronic nuisance. At worst, they are impossible to prevent completely, since they are unpredictable and are often difficult to distinguish from legitimate traffic. DoS attacks use distributed "zombies"--computers that have had an unauthorized piece of packet-generating code planted on them--to fire billions of packets simultaneously at a target site, chewing up the site's available bandwidth and overwhelming its servers.

Read this full article at ZDNet

Only registered users can write comments.
Please login or register.

Powered by AkoComment!