Network Denial of Service Attacks
Networks are also vulnerable to denial of service attacks. In attacks of this kind, someone prevents legitimate users from using the network. The three common types of network denial of service attacks are service overloading, message flooding, and signal grounding, or jamming. A fourth kind of attack, SYN flood attacks (which we call clogging) is less common, but possible.
Service Overloading
Service overloading occurs when floods of network requests are made to a server daemon on a single computer. These requests can be initiated in a number of ways, both accidental and intentional. Service overloading can have many results:
Your system can become so busy servicing interrupt requests from incoming network packets that it is unable to perform other tasks in a timely fashion. Many requests will be thrown away as there is no room to queue them. Invariably, the legitimate requests will be resent, further adding to your computer’s load.
If a service that causes a daemon to fork( ) or otherwise start a new process is under attack, your system may spawn so many new processes that it has no process table entries remaining to perform useful work.
If a service that allocates significant amounts of memory is under attack, your server may run out of swap space.
If a service that performs a large amount of computation is under attack, your server may not have sufficient CPU resources available to perform other tasks.
The overload caused by an overloading attack ...
Get Practical UNIX and Internet Security, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
