A type of denial of service (DoS) attack that leverages the power of multiple intermediary hosts. (DDoS)
Classic DoS attacks are one-to-one attacks in which a more powerful host generates traffic that swamps the network connection of the target host, thus preventing legitimate clients from accessing network services on the target. The distributed denial of ser-vice (DDoS) attack takes this one step further by ampli-fying the attack manyfold, with the result that server farms or entire network segments can be rendered useless to clients.
DDoS attacks first appeared in 1999, just three years after DoS attacks using SYN flooding brought Web servers across the Internet to their knees. In early February 2000, a major attack took place on the Internet, bringing down popular Web sites such as Amazon, CNN, eBay, and Yahoo! for several hours. A more recent attack of some significance occurred in October 2002 when 9 of the 13 root DNS servers were crippled by a massive and coordinated DDoS attack called a ping flood. At the peak of the attack, some of these servers received more than 150,000 Internet Control Message Protocol (ICMP) requests per second. Fortunately, because of caching by top-level Domain Name System (DNS) servers and because the attack lasted only a half hour, traffic on the Internet was not severely disrupted by the attack.