Denial-of-service attackwikipedia
In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet.
denial-of-service attackdenial of servicedistributed denial of serviceDDoSdistributed denial-of-servicedenial-of-servicedistributed denial-of-service attackdenial of service attackDDoS attackdenial of service attacks

DDoS mitigation

DDoS protectionanti-DoS softwaremitigation
APDoS attacks represent a clear and emerging threat needing specialised monitoring and incident response services and the defensive capabilities of specialised DDoS mitigation service providers.
DDoS mitigation is a set of techniques or tools for resisting or mitigating the impact of distributed denial-of-service (DDoS) attacks on networks attached to the Internet by protecting the target and relay networks.

Botnet

botnetbotnetscommand and control
Usually powered by a botnet, the traffic produced by a consumer stresser can range anywhere from 5-50 Gbit/s, which can, in most cases, deny the average home user internet access.
Botnets can be used to perform distributed denial-of-service attack (DDoS attack), steal data, send spam, and allows the attacker to access the device and its connection.

Smurf attack

smurfsmurf attackfraggle
Some common examples of DDoS attacks are fraggle, smurf and SYN flooding.
The Smurf attack is a distributed denial-of-service attack in which large numbers of Internet Control Message Protocol (ICMP) packets with the intended victim's spoofed source IP are broadcast to a computer network using an IP broadcast address.

SYN flood

TCP SYN Flood vulnerabilitymalicious intentsyn-floods
Some common examples of DDoS attacks are fraggle, smurf and SYN flooding.
A SYN flood is a form of denial-of-service attack in which an attacker sends a succession of requests to a target's system in an attempt to consume enough server resources to make the system unresponsive to legitimate traffic.

Anonymous (group)

AnonymousAnonymous PhilippinesAnonymous hacktivist group
In other cases a machine may become part of a DDoS attack with the owner's consent, for example, in Operation Payback, organized by the group Anonymous.
Anonymous is a decentralized international hacktivist group that is widely known for its various DDoS cyber attacks against several governments, government institutions and government agencies, corporations, and the Church of Scientology.

OSI model

OSIOSI Reference ModelOSI model
In the OSI model, the definition of its application layer is narrower in scope than is often implemented.
Appropriate choices for both of these are needed to protect against denial of service.

Operation Payback

Operation: Paybacktemporarily disrupting the website of MasterCard
In other cases a machine may become part of a DDoS attack with the owner's consent, for example, in Operation Payback, organized by the group Anonymous.
Operation Payback started as retaliation to distributed denial of service (DDoS) attacks on torrent sites; piracy proponents then decided to launch DDoS attacks on piracy opponents.

LAND

LAND attack
A LAND attack is of this type.
A LAND (Local Area Network Denial) attack is a DoS (Denial of Service) attack that consists of sending a special poison spoofed packet to a computer, causing it to lock up. The security flaw was first discovered in 1997 by someone using the alias "m3lt", and has resurfaced many years later in operating systems such as Windows Server 2003 and Windows XP SP2.

Arbor Networks

Arbor
On March 5, 2018, an unnamed customer of the US-based service provider Arbor Networks fell victim to the largest DDoS in history, reaching a peak of about 1.7 terabits per second.
The company's products are used to protect networks from denial-of-service attacks, botnets, computer worms, and efforts to disable network routers.

High Orbit Ion Cannon

HOIC
Along with HOIC a wide variety of DDoS tools are available today, including paid and free versions, with different features available.
High Orbit Ion Cannon (HOIC) is an open-source network stress testing and denial-of-service attack application designed to attack as many as 256 URLs at the same time.

Low Orbit Ion Cannon

LOIC
The LOIC has typically been used in this way.
Low Orbit Ion Cannon (LOIC) is an open-source network stress testing and denial-of-service attack application, written in C#.

XML denial-of-service attack

A kind of application-level DoS attack is XDoS (or XML DoS) which can be controlled by modern web application firewalls (WAFs).
An XML denial-of-service attack (XDoS attack) is a content-borne denial-of-service attack whose purpose is to shut down a web service or system running that service.

Mydoom

In cases such as MyDoom and Slowloris the tools are embedded in malware, and launch their attacks without the knowledge of the system owner.
Speculative early coverage held that the sole purpose of the worm was to perpetrate a distributed denial-of-service attack against SCO Group.

Fork bomb

fork bombForkbomb
An attacker with shell-level access to a victim's computer may slow it until it is unusable or crash it by using a fork bomb.
In computing, a fork bomb (also called rabbit virus or wabbit ) is a denial-of-service attack wherein a process continually replicates itself to deplete available system resources, slowing down or crashing the system due to resource starvation.

Ingress filtering

ingress filteringingressfilter users by IP address
Since the incoming traffic flooding the victim originates from many different sources, it is impossible to stop the attack simply by using ingress filtering.
This technique is often used in the denial-of-service attack, and this is a primary target of ingress filtering.

Email bomb

email bombe-mail bombMailbomb
In Internet usage, an email bomb is a form of net abuse consisting of sending huge volumes of email to an address in an attempt to overflow the mailbox or overwhelm the server where the email address is hosted in a denial-of-service attack.

IP address spoofing

spoofedspoofingIP address
As an alternative or augmentation of a DDoS, attacks may involve forging of IP sender addresses (IP address spoofing) further complicating identifying and defeating the attack.
IP address spoofing is most frequently used in denial-of-service attacks, where the objective is to flood the target with an overwhelming volume of traffic, and the attacker does not care about receiving responses to the attack packets.

Ping flood

ping floodICMP flooding
Ping flood is based on sending the victim an overwhelming number of ping packets, usually using the "ping" command from Unix-like hosts (the -t flag on Windows systems is much less capable of overwhelming a target, also the -l (size) flag does not allow sent packet size greater than 65500 in Windows).
A ping flood is a simple denial-of-service attack where the attacker overwhelms the victim with ICMP "echo request" (ping) packets.

Zombie (computing)

zombie computerzombiezombies
It uses a layered structure where the attacker uses a client program to connect to handlers, which are compromised systems that issue commands to the zombie agents, which in turn facilitate the DDoS attack.
Botnets of zombie computers are often used to spread e-mail spam and launch denial-of-service attacks (DOS attacks).

WinNuke

A specific example of a nuke attack that gained some prominence is the WinNuke, which exploited the vulnerability in the NetBIOS handler in Windows 95.
The term WinNuke refers to a remote denial-of-service attack (DoS) that affected the Microsoft Windows 95, Microsoft Windows NT and Microsoft Windows 3.1x computer operating systems.

Exploit (computer security)

exploitexploitssecurity exploit
Various DoS-causing exploits such as buffer overflow can cause server-running software to get confused and fill the disk space or consume all available memory or CPU time.
Such behavior frequently includes things like gaining control of a computer system, allowing privilege escalation, or a denial-of-service (DoS or related DDoS) attack.

Slowloris (computer security)

Slowloris
Much like Slowloris, RUDY keeps sessions at halt using never-ending POST transmissions and sending an arbitrarily large content-length header value.
Slowloris is a type of denial of service attack tool invented by Robert "RSnake" Hansen which allows a single machine to take down another machine's web server with minimal bandwidth and side effects on unrelated services and ports.

BlackNurse

BlackNurse
The BlackNurse attack is an example of an attack taking advantage of the required Destination Port Unreachable ICMP packets.
The BlackNurse attack is a form of denial of service attack based on ICMP flooding.

Cloudflare

CloudflareCloudFlare’sCloudFlare protection
In November 2017; Junade Ali, a Computer Scientist at Cloudflare noted that whilst network-level attacks continue to be of high capacity, they are occurring less frequently.
Cloudflare claims this can mitigate advanced Layer 7 attacks by presenting a JavaScript computational challenge which must be completed by a user's browser before the user can access a website.

Stacheldraht

Stacheldraht is a classic example of a DDoS tool.
Stacheldraht (German for "barbed wire") is malware written by Mixter for Linux and Solaris systems which acts as a distributed denial-of-service (DDoS) agent.