Patrick M. Hausen wrote:
>Sorry to be nitpicking, but can we make that DDOS, then?

DDOS = "Distributed Denial Of Service"
I.e.: the attack is not originating from a single source. The term
DDOS hasn't got anything to do with the mechanism of the
attack. A lot of DDOS attacks are bandwidth saturation attacks,
but not all.

>At least I use to think of DOS as "ping of death" or
>"carefully crafted application packet of death" in contrast
>to DDOS as "simply swamp your uplink by thousands of bots".

DDOSing is a technique for launching a DOS attack. So,
by definition, all DDOS attacks will be a subset of DOS.

I understand how you want to use the terminology but it's
not in line with the normal usage (as I understand it). I
don't think there's an official term for DOS attacks that
take advantage of a flaw (e.g.: ping of death) as opposed
to resource usage attacks (e.g.: bandwidth saturation
or CPU exhaustion).

>Firewalls can protect against the former.

That's correct.

I think the reason Darren and I jumped on that nitpick with
our boots on is because we periodically run into vendors
who claim to be able to "block DOS attacks." Which
we know is impossible.


