Industry guru Dave Taylor offers tech support on technical and business topics, including iPhone, iPod, Microsoft Windows, Sony PSP, cellphones, online advertising, CSS, Web design, business, Unix, Linux, SEO, Mac OS X, and shell script programming.     


What is a Denial of Service attack?

I heard on the news today that my favorite social network, Twitter, is being plagued by what they called a "denial of service attack". What on Earth is that? They're forced to not actually get service and it's an attack? I mean, I've been to restaurants where I experience a denial of service, but how can something like that affect Twitter or Facebook or whatever?

Dave's Answer:

Ha! I love the joke about denial of service at a restaurant. You could even have said that was what launched the entire Civil Rights movement decades ago, but that wouldn't have been focused on what's going on right now with Twitter and Facebook, among other sites.

The idea behind an actual denial of service attack (often called a DoS) is that if you flood the Web servers of a popular site with spurious, bogus queries, it'll be so busy answering those bogus requests that it'll have to reject legitimate connect requests from real users.

Think of it this way: if you were answering phones for a company and suddenly found that seemingly every single call was a prank, wouldn't the people who were trying to call the company for legitimate reasons just get a busy signal, while you, the operator, were stuck dealing with and hanging up on the bogus callers?

There are also a lot of ways to implement a DoS too, as it happens, but the most common are so-called "smurf attacks" (technically, ICMP floods), where incorrectly configured network devices allow queries to be sent to all machines on a network, rather than a specific one. The more complex the network, the more this kind of thing can be crippling to the service.

Other ICMP floods include "ping floods", where ping packets are sent incessantly, or SYN floods, where, you guessed it, SYN packets are sent with forged sender addresses.

Other types of Denial of Service attacks include "teardrop attacks", "peer to peer attacks", "application level floods", "nukes" and "distributed attacks" (also known as DDoS, or distributed denial of service). The lattermost is particularly tough because hundreds or even thousands of machines can all be unknowingly contributing to the attack (if you really want to get into the weird nomenclature, it's usually trojan attacks that compromise the individual machines, making them zombie agents.

Suffice to say, what's happening to Twitter is very hard to address because if the tsunami of bogus queries are indistinguishable from legitimate ones, how can they shut it down or block it?

To learn more about Denial of Service attacks, check out the informative article on Wikipedia.

And as for Twitter? Hopefully that'll be back up and fully online pretty darn soon!

More Useful Twitter, LinkedIn and Social Network Help Articles:
✔   How do I search for a job on LinkedIn?
This may be a bit obvious, but I'm looking for work and am unclear how I can use LinkedIn to find positions other...
✔   Add a header graphic to my Twitter profile?
I heard from a colleague that Twitter's added profile pictures a la Facebook's timeline photo on the top. Nice, but how do I...
✔   Export LinkedIn Profile as a PDF Resume?
I've spent the last year or two updating and adding to my LinkedIn profile and it has a ton of information about me....
✔   How do I block an iPad app from accessing Twitter?
My son installed an app on my iPad and now it's posting updates on my Twitter account when he plays. What the deuce?...
✔   Repost a Facebook photo on Instagram?
I post a lot of photos on Facebook and sometimes want to share them with my Instagram followers. You can automatically mirror an...
Let's stay in touch!
Sign up for my weekly AskDaveTaylor Newsletter and you'll receive even more tech and gadget help right to your inbox, along with exclusive news and industry updates. It's good stuff. I promise!
    Enter your name: and your email addr:  




Categorized: Twitter, LinkedIn and Social Network Help   (Article 9024, Written by )
Tagged: ddos, dos, facebook, malware, trojans, twitter, zombies
Previous: Killzone 2 Walkthru Part III: Visari Square
Next: How do I password-protect an iPhoto album on MobileMe Gallery?




Reader Comments To Date: 5

Rick Harrison said, on August 6, 2009 11:06 PM:

I have some follow on questions to your DoS post... What is the motive for an act like this? Is it just plain old vandalism by geeks with nothing better to do? Or is there something more to it?

Rick.

Dave Taylor said, on August 6, 2009 11:16 PM:

A very interesting question, Rick. As far as I have read, there's no consensus on what's going on and while some sites might garner dislike in certain communities, I think Twitter is fairly neutral as a social network. We might learn more in the next few days as the traffic patterns and attacks are analyzed, but this might be one that's never properly clarified.

Ken B said, on August 7, 2009 9:32 AM:

Sometimes, the reasons behind a DDoS attack can be obvious. For example, if they can take down the Microsoft Windows update site, or an anti-virus website, they can prevent you from getting the update that could prevent the new infection.

On the other hand, I suppose there might still be the occasional "I like to disrupt things and make the evening news" reasons.

SelfMadeCelo said, on August 7, 2009 11:10 AM:

Sometimes there are other motives. There's a pretty well known DNS hole that will let you re-route all the traffic to a new site. It's been tried with Trend Micro but it failed because they have protection in place. Basically they tried to take down the site and then replace it with a download to their own software that would just add more computers to their botnet. You could even go as far as taking down banking websites and sending everyone to your own servers.

Carmen said, on September 17, 2009 7:09 PM:

Would this DOS have anything to do with the recent issues with mobile facebook? My app receives notifications as usual but for the last couple of days it will not let me view these notifications nor will it allow a poke back. i have to go to my mobile browser and view notifications, but the "like" option that allows you to view the "liker" (for lack of a better word, lol) will only bring me back to my home page when i click on it. its very frustrating and i have visited several sites, discussions and forums but i find nothing but speculations. Based on other complaints all users are experiencing the same symptoms with no common denominator (model phone/smartphone, carrier). after reading your response i am wondering if the issues are a result of your explanation of "teardrop attacks" I was also concerned because i have not seen anything issued from Facebook acknowledging a problem/solution. Please, i would love some advice on this.

Starbucks coffee cup I do have a lot to say, and questions of my own for that matter, but first I'd like to say thank you, Dave, for all your helpful information by buying you a cup of coffee!

I do have a comment, now that you mention it!











I will never send you any unsolicited email. Ever.






Check This Out Too...

 
Recent Entries
Look for Answers
Recommended
Need Help? Ask Dave Taylor!
All Our Categories


Follow Me on Pinterest

Find Me on Google+
ADT on G+
© 2002 - 2013 by Dave Taylor. All Rights Reserved.

Note: This web site is for the purpose of disseminating information for educational purposes, free of charge, for the benefit of all visitors. We take great care to provide quality information. However, we do not guarantee, and accept no legal liability whatsoever arising from or connected to, the accuracy, reliability, currency or completeness of any material contained on this web site or on any linked site. Further, please note that by submitting a question or comment you're agreeing to my terms of service, which are: you relinquish any subsequent rights of ownership to your material by submitting it on this site. My lawyer says "Thanks".
"Ask Dave Taylor®" is a registered trademark of Intuitive Systems, LLC.