Attacks & Threats
Denial-of-Service (DoS) Attack
Definition
An attack that exhausts a system's bandwidth, compute, memory, or application resources so that legitimate users can no longer access the service.
Examples
- An attacker uses a single host to send Slowloris connections that hold open the web server's worker threads until it can't accept new clients.
- A vulnerability lets one HTTP request consume gigabytes of memory, crashing the service.
Related terms
Distributed Denial-of-Service (DDoS) Attack
A denial-of-service attack carried out from many distributed sources simultaneously — typically a botnet — to overwhelm a target's bandwidth, infrastructure, or application.
SYN Flood
A TCP-based denial-of-service attack that sends many SYN packets without completing the three-way handshake, exhausting the target's connection-state resources.
Ping of Death
A legacy denial-of-service attack that sends malformed or oversized ICMP echo packets, causing vulnerable TCP/IP stacks to crash, hang, or reboot when reassembling them.
Teardrop Attack
A legacy DoS attack that sends IP fragments with overlapping, malformed offsets to crash TCP/IP stacks that mishandle reassembly.
LAND Attack
A legacy DoS attack that sends a spoofed TCP SYN packet whose source IP and port equal the destination, causing vulnerable systems to loop or crash.
Fork Bomb
A denial-of-service technique in which a process repeatedly forks itself, exhausting process tables, memory, and CPU on the host.