Denial-of-Service Attacks

Denial-of-Service (DoS) attacks, which aim to prevent access to network resources, can be devastating and difficult to protect against. Typical DoS attacks involve flooding the network with traffic choking the transmission lines and preventing other legitimate users from accessing services on the network.

DoS attacks can target many different layers of the network. In order to understand the risk of a DoS attack to a wireless network, you must first understand the difference between various types of DoS attacks.

Application (OSI Layer 7)

An application-layer DoS is accomplished by sending large amounts of otherwise legitimate requests to a network-aware application, such as sending a large amount of page requests to a web server, swamping the server process. The goal of this type of attack is to prevent other users from accessing the service by forcing the server to fulfill an excessive number of transactions. The network itself may still be usable, but since the web server process cannot respond to the users, access to service is denied. (This can occasionally happen, innocently, when a web site receives a sudden boost in popularity due to a link from a high-traffic site, such as

Transport (OSI Layer 4)

A transport-layer DoS involves sending many connection requests to a host. This type of attack is typically targeted against the operating system of the victim’s computer. A typical attack in this category is a SYN flood. In a SYN ...

Get 802.11 Security now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.