A necessity threat disrupts normal computer processing or denies processing entirely. Programs used in necessity attacks work by reducing a computer’s processing speed to intolerably low levels or by completely disabling the computer.
The most common necessity attack, called a denial-of-service (DoS) attack, occurs when an attacker floods a computer, server, or network with messages with the goal of consuming the network’s bandwidth resources and disabling its services and communications. Even if the attack fails to disable the server, computer, or network, the resulting processing delays can render a service unusable or unattractive.
Because a DoS attacker does not need to access an organisation’s server to attack it, Web sites are particularly vulnerable to DoS attacks. The Web sites for Microsoft, eBay, Amazon.com, and many other companies have been victims of DoS attacks that resulted in service interruptions to their customers.
As you know, a Web browser loads a Web page by sending a message to a Web server that requests the page. The Web server responds with a message that contains the HTML content of the WebHTMLe, along with an image or other files required to display the Web page in the browser. When a Web browser is used in a DoS attack, it sends thousands of page requests per minute to the Web server with the goal of overloading the server.
In some cases, each of the page request messages has a false return address, so the Web server consumes processing resources in an attempt to solve the problem. As more page requests arrive at the Web browser, and as the efforts to solve the problem and to process the new requests accumulate, the server becomes overloaded and unavailable to process legitimate requests. Ultimately, the server shuts down.
In a distributed denial-of-service (DDoS) attack, the attacker takes control of one or more computers without the owner’s permission and uses those computers to launch a DoS attack on other computers, servers, or networks. Most DDoS attacks are initiated after the attacking computers are infected with Trojan horse programs. Each Trojan horse program is coded to open and launch a DoS attack on the same date and time.