Denial of Service Attacks for Dummies

[+ Lucky]

Would one or more of those who are computer literate please provide me with a simple, easy to understand, (if possible) explanation of how attacks like the one on twitter yesterday work?

 

Somehow I gather that persons unknown get many people to use the site all at once and overwhelm the server? If so, how do they do that?

 

Remember, I am conceding that I am a DUMMIE on this, so please be kind!

[+ glutes]

The Russians Are Coming!

 

Hope this news article helps Lucky...

 

http://government.zdnet.com/?p=5220

[+ honcho]

Here's an article specifically about twitter:

 

http://www.wired.com/epicenter/2009/08/twitter-apparently-down/

 

Generally, there are many different kinds of "Denial of Service" attacks; anything

that can prevent any internet service from doing its job.

 

If you can corrupt the mechanism by which human readable names get turned into

(Binary) IP addresses, that in of itself is a kind of denial of service attack.

 

If the attacker manages to crash the server, that's another kind of denial of service

attack.

 

Or if you know that the service provider is small scale, just one or a few computers

could be programmed to make requests as fast as possible and overwhelm it.

 

However, the term commonly has grown to mean a "Distributed denial of service" attack.

 

In this case, the attacker manages to infect a whole lot of computers with a virus that

provides a back door, and thereby able to magnify his malicious intent.

 

(Once having marshalled his forces, the controller sends his attack message to 10 others with a generation count of 3, each of which sends to ten others with a generation count of 2, each of which sends to ten others with a generation count of 1, and then you have an army of 1,000 computers pounding on the victim).

 

Google "Botnet". It's an area of active research of both good guys and bad guys.