Definitions[edit | edit source]
General[edit | edit source]
Denial of service (DoS) is
|“||[a]n attack that prevents or impairs the authorized use of information system resources or services.||”|
|“||[t]he prevention of authorized access to resources or the delaying of time-critical operations. (Time-critical may be milliseconds or it may be hours, depending upon the service provided.)||”|
|“||[p]reventing or impairing the normal authorized functionality of networks, systems, or applications by exhausting resources. This activity includes being the victim of or participating in a denial of service attack.||”|
|“||[w]hen action(s) result in the inability to communicate and/or the inability of an AIS or any essential part to perform its designated mission, either by loss or degradation of a signal or operational capability.||”|
Message handling[edit | edit source]
Denial of service (DoS) occurs
|“||when an entity fails to perform its function or prevents other entities from performing their functions, which may be a denial of access, a denial of communications, a deliberate suppression of messages to a particular recipient, a fabrication of extra traffic, an MTA was caused to fail or operate incorrectly, an MTS was caused to deny a service to other users. Denial of service threats include the following: denial of communications, MTA failure, MTS flooding.||”|
References[edit | edit source]
- NICCS, Explore Terms: A Glossary of Common Cybersecurity Terminology (full-text).
- NIST Special Publication 800-27A.
- Information Security: Weaknesses Continue Amid New Federal Efforts to Implement Requirements, at 5.
- OPSEC Glossary of Terms.
- ITU, "Compendium of Approved ITU-T Security Definitizons," at 16-17 (Feb. 2003 ed.) (full-text).
External resources[edit | edit source]
- CERT® Advisory CA-1999-17 Denial-of-Service Tools (Dec. 28, 1999, revised, Mar. 3, 2000) (full-text).
- CERT® Incident Note IN-99-07: Distributed Denial of Service Tools (Nov. 18, 1999, updated, Dec. 8, 1999 and Jan. 15, 2001) (full-text).
- CERT®, Results of the Distributed-Systems Intruder Tools Workshop (Nov. 2-4, 1999) (full-text).
- CERT® Advisory CA-2000-01 Denial-of-Service Developments (Jan. 3, 2000) [full-text)
- CERT® Incident Note IN-2000-05: "mstream" Distributed Denial of Service Tool (May 2, 2000) (full-text).
- CERT®, Trends in Denial of Service Attack Technology (ver.1) (Oct, 2001) (full-text).
Community content is available under CC-BY-SA unless otherwise noted.