A distributed Denial of Service (DDoS) attack is a simple variation of a Denial of Service attack in which the attacker initiates the assault from multiple machines to mount a more powerful, coordinated attack.

Detailed Description

A DDoS attack is an amplified Denial of Service attack. In a DDoS attack, multiple hosts attack the victim server simultaneously, resulting in a powerful, coordinated Denial of Service attack. This type of attack can even take down large sites such as Yahoo, Amazon and CNN, which are designed to handle millions of requests in a short amount of time.

A DDoS attack is executed as follows: an attacker locates vulnerable machines, gains access to them, and installs an attack program. These machines are often referred to as "zombies". When the attacker decides to strike, the attacker commands all the "zombies" to start flooding the victim target. The owners of the "zombies" have no clue that their computers are being used to attack remote systems. The attacker is also more difficult to locate, because the attack program is not running from the attacker's own computer. Recently, web servers have also been used to execute DDoS attacks. Web servers provide a more muscular attack platform with higher bandwidth and processing power; one server is the equivalent of 3,000 infected PCs.

The concept of DDoS can also be used to achieve other goals, such as stealth scanning (just a few packets from each zombie) and distributed password cracking (using the aggregate processing power).
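Because each zombie contributes only a small share of the traffic, detection that looks at one source at a time can miss both the flood and the stealth scan described above. The following is an added example, not part of the original page, that compares a per-source check with a per-destination aggregate; the flow-record layout, the thresholds and the sample data are all assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample flow records: (source IP, destination IP, destination port, packets).
# Addresses come from the RFC 5737 documentation ranges.
def build_sample_flows():
    flows = []
    # 40 sources, each probing 3 different ports on 192.0.2.10 with one packet.
    for i in range(40):
        for j in range(3):
            flows.append((f"198.51.100.{i + 1}", "192.0.2.10", 1000 + i * 3 + j, 1))
    # 50 sources, each sending 80 packets to port 443 on 192.0.2.20.
    for i in range(50):
        flows.append((f"203.0.113.{i + 1}", "192.0.2.20", 443, 80))
    # Ordinary client traffic to a third host.
    flows.append(("198.51.100.200", "192.0.2.30", 443, 12))
    return flows

def noisy_sources(flows, max_packets=100, max_ports=10):
    """Per-source view: sources that alone exceed a packet or port threshold."""
    packets, ports = defaultdict(int), defaultdict(set)
    for src, dst, dport, count in flows:
        packets[src] += count
        ports[src].add((dst, dport))
    return sorted(s for s in packets
                  if packets[s] > max_packets or len(ports[s]) > max_ports)

def distributed_findings(flows, min_sources=20, flood_packets=1000, scan_ports=50):
    """Per-destination view: aggregate all sources hitting the same target."""
    sources, ports, packets = defaultdict(set), defaultdict(set), defaultdict(int)
    for src, dst, dport, count in flows:
        sources[dst].add(src)
        ports[dst].add(dport)
        packets[dst] += count
    findings = {}
    for dst in sources:
        if len(sources[dst]) < min_sources:
            continue  # too few distinct sources to call it distributed
        if len(ports[dst]) >= scan_ports:
            findings[dst] = "distributed scan"
        elif packets[dst] >= flood_packets:
            findings[dst] = "distributed flood"
    return findings

if __name__ == "__main__":
    flows = build_sample_flows()
    print("per-source alerts:", noisy_sources(flows))
    print("per-destination findings:", distributed_findings(flows))
```

On this sample no single source crosses the per-source thresholds, while grouping by destination flags both targets.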

The impact of a DDoS attack includes:

  • Application outages
  • Brand damage
  • Financial loss due to the inability to process financial transactions