a denial-of-service attack (DoS attack) is a cyber-attack in which
the perpetrator seeks to make a machine or network resource
unavailable to its intended users by temporarily or indefinitely
disrupting services of a host connected to the Internet. Denial
of service is typically accomplished by flooding the targeted
machine or resource with superfluous requests in an attempt
to overload systems and prevent some or all legitimate
requests from being fulfilled.
A distributed denial-of-service (DDoS) attack occurs when
multiple systems flood the bandwidth or resources of a
targeted system, usually one or more web servers. A DDoS
attack uses more than one unique IP addresss or machines,
often from thousands of hosts infected with malware. A
distributed denial of service attack typically involves more
than around 3–5 nodes on different networks; fewer nodes
may qualify as a DoS attack but is not a DDoS attack.
What is DOS Attack?
An application layer DoS attack is done mainly for specific targeted purposes,
including disrupting transactions and access to databases. It requires fewer
resources than network layer attacks but often accompanies them. An attack
may be disguised to look like legitimate traffic, except it targets specific
application packets or functions. The attack on the application layer can disrupt
services such as the retrieval of information or search functions on a website. It
is very common for attackers to use pre-built applications and open-source
projects to run the attack.
Denial-of-service as a service
Some vendors provide so-called "booter" or "stresser" services, which
have simple web-based front ends, and accept payment over the web.
Marketed and promoted as stress-testing tools, they can be used to
perform unauthorized denial-of-service attacks, and allow technically
unsophisticated attackers access to sophisticated attack tools. Usually
powered by a botnet, the traffic produced by a consumer stresser can
range anywhere from 5-50 Gbit/s, which can, in most cases, deny the
average home user internet access.