A DoS attack is a form of malicious action typically taken against a computer system such as a server or webpage host. This type of attack can also be used against smaller systems such as the central processing unit (CPU) of a computer, though this is fairly unusual. The attack is meant to make the server become unavailable for use by legitimate users. A DoS attack can take a number of different forms, though in general it is intended to either overwhelm a system through flooding or crash the system.
The target of a DoS attack, which stands for “denial of service” and should not be confused with a disk operating system or DOS, is usually a major server that hosts a website or similar service. “Denial of service” means that the system is attacked in some way that ultimately results in the system no longer being able to respond to legitimate customers or users of the service. Service is therefore denied to individuals trying to navigate to the website or log onto a server that has been targeted.
A DoS attack can take a number of different forms, though it is usually meant to achieve one of two end results: server flooding or server crashing. Flooding is achieved by causing a server to attempt to respond to an excessive number of users simultaneously, often by using a program to “spoof” multiple non-existent users, which uses the system’s resources and causes it to become non-responsive. Server crashing is typically achieved through a malicious piece of software that uses a flaw or weakness in the server programming to cause the server to crash and be inaccessible until restarted.
One of the reasons a DoS attack can be so disruptive is because this type of attack can be relatively easy to launch and may continue for days or weeks. A DoS attack can also be launched as a more “permanent” attack that seeks to bring a server down for the long term. This is usually done by gaining access to the firmware in a server and “flashing” the server with new firmware that is corrupted or malicious, bringing the server down until the system is repaired or replaced.
A DoS attack can also be inadvertent and still achieve similar results. When a webpage or server is overwhelmed by legitimate user requests, such as when a popular website links to a smaller page on a server that cannot handle the user capacity of the larger server, then the server can become flooded or crash. While this is not necessarily an “attack,” it is often seen as similarly disruptive and can be an unfortunate consequence of a small website that becomes quite suddenly popular.