Chapter 24. Denial of Service Attacks and Solutions

In cases where denial of service attacks did occur, it was either by accident or relatively easy to figure out who was responsible. The individual could be disciplined outside the operating system by other means.

—Dennis Ritchie

A denial of service attack is an attack in which one user takes up so much of a shared resource that none of the resource is left for other users. Denial of service attacks compromise the availability of the resources. Those resources can be processes, disk space, CPU time, printer paper, modems, or the time of a harried system administrator. The result is degradation or loss of service.

In previous editions of this book, this was a short chapter. Unfortunately, we no longer operate in the same environment we did when Ritchie considered it easy to determine who was responsible for a denial of service attack and to take appropriate actions. As we'll see, some kinds of network-based attacks are now both remarkably difficult to trace and even more complicated to defend against.