Denial of service is a well-recognised and notorious attack that targets an individual or a business by overloading their infrastructure. This article provides an overview of denial of service attacks, how they are performed, and some techniques that attackers use to pass by undetected.
With a standard denial of service attack, the primary objective is to overload a core piece of equipment with requests. When a server receives a connection request from a client, it must process that request to establish a full connection. The processing time is minimal, but it is a mandatory part of the process. To take advantage of this processing time, a denial of service attack sends a horde of requests designed to overwhelm the recipient server with more traffic than it can handle.
The remediation against a denial of service attack is, in most cases, to ensure that there are enough resources available to withstand the traffic and give the business enough time to determine whether it is legitimate. There are also third-party providers who will act as a gateway for your traffic, so that they are the main recipient of this data, and who filter the traffic to ensure that your server receives legitimate requests.
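The following added example (not part of the original article) models the two paragraphs above: a server with a fixed per-second processing capacity receives constructed traffic, first directly and then behind a filtering gateway. The `GatewayFilter` class, the capacity and limit values, and the two source addresses (taken from documentation ranges) are assumptions made for illustration.

```python
from collections import defaultdict, deque

FLOOD_SRC = "198.51.100.7"   # constructed source sending the flood
LEGIT_SRC = "203.0.113.10"   # constructed legitimate client

class GatewayFilter:
    """Hypothetical filtering gateway: per-source sliding-window limit."""
    def __init__(self, max_requests, window_ms):
        self.max_requests = max_requests
        self.window_ms = window_ms
        self.forwarded = defaultdict(deque)  # source -> timestamps forwarded

    def allow(self, source, now_ms):
        q = self.forwarded[source]
        while q and now_ms - q[0] >= self.window_ms:
            q.popleft()                      # forget requests outside the window
        if len(q) >= self.max_requests:
            return False                     # over the limit: drop at the gateway
        q.append(now_ms)
        return True

def constructed_traffic(seconds=5):
    """Constructed sample: 200 flood requests/s plus 1 legitimate request/s."""
    reqs = []
    for s in range(seconds):
        reqs += [(s * 1000 + i * 5, FLOOD_SRC) for i in range(200)]
        reqs.append((s * 1000 + 502, LEGIT_SRC))
    return sorted(reqs)

def simulate(requests, capacity_per_second, gateway=None):
    """Count requests the server completes per source; excess is dropped."""
    served = defaultdict(int)
    used = defaultdict(int)                  # second -> requests processed
    for ts_ms, source in requests:
        if gateway is not None and not gateway.allow(source, ts_ms):
            continue                         # filtered before reaching the server
        second = ts_ms // 1000
        if used[second] < capacity_per_second:
            used[second] += 1
            served[source] += 1
    return dict(served)

if __name__ == "__main__":
    traffic = constructed_traffic()
    print("no gateway:  ", simulate(traffic, capacity_per_second=50))
    print("with gateway:", simulate(traffic, 50, GatewayFilter(10, 1000)))
```

Without the gateway, the flood consumes the server's full capacity each second and the legitimate client is never served; with the per-source limit in front, every legitimate request completes.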
As a penetration tester, you will almost never need to perform any type of denial of service attack, as its sole intention is typically to disrupt business. These attacks are, in most cases, purposely designed to be malicious and cause disruption. The main goal as a business is to have a strategy in place for the event of an attack and to carry out your action plan in rapid response to minimise downtime.