
Denial-of-service attack: Difference between revisions

Added a sentence about a recent record-breaking DDoS against Minecraft servers
review: add sources, socialkeith copied from Digg
(One intermediate revision by one other user not shown)
Line 4:
{{Use dmy dates|date=May 2024}}
 
[[File:Stachledraht DDos Attack.svg|thumb|[[Diagram of a DDoS attack. Note how multiple computers are attacking a single computer.]]]]
 
In [[computing]], a '''denial-of-service attack''' ('''DoS attack''') is a [[cyber-attack]] in which the perpetrator seeks to make a machine or network resource unavailable to its intended [[user (computing)|users]] by temporarily or indefinitely disrupting [[network service|services]] of a [[host (network)|host]] connected to a [[Computer network|network]]. Denial of service is typically accomplished by [[Flooding (computer networking)|flooding]] the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.<ref>{{cite web |date=6 February 2013 |title=Understanding Denial-of-Service Attacks |url=https://www.cisa.gov/news-events/news/understanding-denial-service-attacks |access-date=26 May 2016 |publisher=US-CERT}}</ref> The range of attacks varies widely, spanning from inundating a server with millions of requests to slow its performance, overwhelming a server with a substantial amount of invalid data, to submitting requests with an illegitimate [[IP address]].<ref>{{Cite journal |last1=Elleithy |first1=Khaled |last2=Blagovic |first2=Drazen |last3=Cheng |first3=Wang |last4=Sideleau |first4=Paul |date=2005-01-01 |title=Denial of Service Attack Techniques: Analysis, Implementation and Comparison |url=https://digitalcommons.sacredheart.edu/computersci_fac/52 |journal=School of Computer Science & Engineering Faculty Publications}}</ref>
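Review bot: In the [[File:Stachledraht DDos Attack.svg|thumb|...]] line the caption is wrapped in its own pair of double square brackets, so the whole sentence is parsed as a wikilink to a page titled "Diagram of a DDoS attack. Note how multiple computers are attacking a single computer." rather than shown as plain caption text. Drop the inner brackets so the line ends "|thumb|Diagram of a DDoS attack. Note how multiple computers are attacking a single computer.]]". Separately, the Elleithy et al. citation uses date=2005-01-01 while the page is tagged {{Use dmy dates}}; the other citation in this paragraph already uses "6 February 2013", so the two should agree.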
Line 265:
 
=== Blocking vulnerable ports ===
Threats may be associated with specific TCP or UDP port numbers. Blocking these ports at the firewall can mitigated the attack. For example, in an SSDP reflection attack; the key mitigation is to block incoming UDP traffic on port 1900.<ref>{{Cite web|url=https://www.cloudflare.com/learning/ddos/ssdp-ddos-attack/|title=SSDP DDoS attack &#124; Cloudflare}}</ref><!--[[User:Kvng/RTH]]-->
 
==Unintentional denial-of-service==
An unintentional denial-of-service can occur when a system ends up denied, not due to a deliberate attack by a single individual or group of individuals, but simply due to a sudden enormous spike in popularity. This can happen when an extremely popular website posts a prominent link to a second, less well-prepared site, for example, as part of a news story. The result is that a significant proportion of the primary site's regular users{{spaced ndash}}potentially hundreds of thousands of people{{spaced ndash}}click that link in the space of a few hours, having the same effect on the target website as a DDoS attack. A VIPDoS is the same, but specifically when the link was posted by a celebrity. When [[Death of Michael Jackson|Michael Jackson died]] in 2009, websites such as Google and Twitter slowed down or even crashed.<ref>{{cite news| url=http://news.bbc.co.uk/1/hi/8120324.stm | work=BBC News | first=Maggie | last=Shiels | title=Web slows after Jackson's death | date=2009-06-26}}</ref> Many sites' servers thought the requests were from a virus or spyware trying to cause a denial-of-service attack, warning users that their queries looked like "automated requests from a [[computer virus]] or spyware application".<ref>{{cite web|date=October 20, 2009|title=We're Sorry. Automated Query error|url=<!--last updated February 06, 2013-->http://productforums.google.com/forum/?#!category-topic/websearch/unexpected-search-results/uFcXXixhiBw|access-date=2012-02-11|work=Google Product Forums › Google Search Forum}}</ref>
 
News sites and link sites{{spaced ndash}}sites whose primary function is to provide links to interesting content elsewhere on the Internet{{spaced ndash}}are most likely to cause this phenomenon. The canonical example is the [[Slashdot effect]] when receiving traffic from [[Slashdot]]. It is also known as "the [[Reddit]] hug of death"<ref>{{cite web |url=https://medium.com/codingame/story-of-a-reddit-hug-of-death-and-lessons-learned-3565bb8a6793 |title=Story of a Reddit Hug of Death and Lessons Learned |access-date=2024-09-24}}</ref> and "the [[Digg]] effect".<ref>{{cite web |url=http://socialkeith.com/the-digg-effect-v4/ |title=The Digg Effect v4 |publisher=Social Keith |access-date=October 20, 2010 |first1=Keith |last1=Plocek |archive-url=https://web.archive.org/web/20101022060115/http://socialkeith.com/the-digg-effect-v4/ |archive-date=October 22, 2010 |url-status=dead }}</ref><!--[[User:Kvng/RTH]]-->

Routers have also been known to create unintentional DoS attacks, as both [[D-Link]] and [[Netgear]] routers have overloaded NTP servers by flooding them without respecting the restrictions of client types or geographical limitations. Similar unintentional denial-of-service can also occur via other media, e.g. when a URL is mentioned on television. If a server is being indexed by [[Google]] or another [[search engine]] during peak periods of activity, or does not have a lot of available bandwidth while being indexed, it can also experience the effects of a DoS attack.<ref name=":0" />{{failed verification|date=April 2021}}{{citation needed|reason=I've never seen Google send more than one request per minute to my server, usually much less often than that. Other crawlers may be more aggressive though. Do we have a reliable source about this?|date=March 2013}}
 
Legal action has been taken in at least one such case. In 2006, [[Universal Tube & Rollform Equipment|Universal Tube & Rollform Equipment Corporation]] sued [[YouTube]]: massive numbers of would-be YouTube.com users accidentally typed the tube company's URL, utube.com. As a result, the tube company ended up having to spend large amounts of money on upgrading its bandwidth.<ref>{{cite news |title=YouTube sued by sound-alike site |work=BBC News |date=2006-11-02 |url=http://news.bbc.co.uk/2/hi/business/6108502.stm }}</ref> The company appears to have taken advantage of the situation, with utube.com now containing ads for advertisement revenue. In March 2014, after [[Malaysia Airlines Flight 370]] went missing, [[DigitalGlobe]] launched a [[crowdsourcing]] service on which users could help search for the missing jet in satellite images. The response overwhelmed the company's servers.<ref>{{cite web|url=http://wnmufm.org/post/people-overload-website-hoping-help-search-missing-jet|title=People Overload Website, Hoping To Help Search For Missing Jet|author=Bill Chappell|publisher=NPR|date=12 March 2014|access-date=4 February 2016}}</ref> An unintentional denial-of-service may also result from a prescheduled event created by the website itself, as was the case of the [[Census in Australia]] in 2016.<ref>{{cite web|url=https://delimiter.com.au/2016/08/19/experts-cast-doubt-census-ddos-claims/|title=Experts cast doubt on Census DDoS claims|date=19 August 2016|access-date=31 January 2018|last=Palmer|first=Daniel|publisher=Delimiter}}</ref> This could be caused when a server provides some service at a specific time.
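Review bot: The citation for "the Reddit hug of death" in the Slashdot effect paragraph carries only url, title and access-date, and points at a medium.com post; it needs author, publisher and date, and as a self-published blog it is weak support for a naming claim, so a secondary source would be better. The socialkeith.com citation next to it is complete, with archive-url and url-status=dead. Two things in the surrounding context are worth fixing in the same pass. In "Blocking vulnerable ports", "can mitigated the attack" should read "can mitigate the attack", and the semicolon after "in an SSDP reflection attack" should be a comma. In the routers paragraph, the sentence about indexing by Google still carries {{failed verification|date=April 2021}} and a {{citation needed}} from March 2013 against ref name=":0"; since this revision is about adding sources, either source that sentence or remove it. The closing sentence "This could be caused when a server provides some service at a specific time." is also unsourced and adds little beyond the Census example that precedes it.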