Dwight Watt - Newspaper Article #494 3/25/2020


Question: What is a DoS attack?

Answer:

A DoS attack is a Denial of Service attack as far as the words for the letters.

Now what is it in plain English and how does it occur.

A DoS attack is when a network or a computer type device (PC, server, camera, meter, etc.) is attacked thru the network by people who are attack agents using their machines to make the device or network no longer work for people.

Quite often the DoS attack is aimed at an organization to prevent their computers doing their work. For instance, someone could get mad at XYZ company and want to shut them down. They then do a DoS attack which ties up their equipment and they can no longer respond with a web page when Suzy goes to their web site or receive payments from John and Jan when they try to make payments as they never get to the server or that the new movie that everyone was wanting to see from XYZ cannot be sent out on the network as their equipment locked up.

DoS attacks are typically done by sending tons of PINGs at the network or device. PING is a great tool for networkers to determine if sites or accessible, however used by the threat agents it can be abused. When a network device receives a PING, it is a high priority request and is to be answered before things like web page requests, payment information etc. The threat agent sends lots and forces the device to responding to those PINGs and it is not able to deal with the other messages.

To combat this, places started blocking PINGs and when from one machine you could block that address in your firewall. However, threat agents improved 9or got worse on how you look at it).

They started doing DDoS attacks. They are Distributed Denial of Service attacks. They planted bots on many machines using malware that art a certain time started sending massive numbers of PINGs. Now you could not block one address. Harder to stop.

Many places started blocking all PINGs but that stopped white hat agents from using a great tool. Now many places let a few pings from a location then start blocking.

Modern firewalls will help protect you from DoS and DDoS attacks. Hopefully you are never hit by one.