Does being the target of a DoS attack imply a vulnerability of my operating system?

Question

Does being the target of a denial of service (DoS) attack imply a vulnerability of my operating system?

it depends on what DOS it is? – stuart Brand Aug 11 '09 at 13:22 — stuart Brand, Aug 11 '09 at 13:22

score 11 · Accepted Answer · answered Aug 11 '09 at 04:02

11

In a word, "No".

The aim of a denial of service attack is to slow down or block the attacked system.

Think of it as someone calling your phone over and over and over again. Regardless of whether you answer/hang up or just let it ring... other (legitimate) people trying to reach you will get a "busy" signal.

The person calling you over and over again is essentially using a denial of service attack against you.

Your servers are not necessarily vulnerable... just like your phone isn't vulnerable... its just all the bandwidth (or service) is being used up so that others can't use it.

answered Aug 11 '09 at 04:02

KPWINC

11,394
3
37
45

A nice explanation. +1 – Chathuranga Chandrasekara Aug 11 '09 at 07:44
This answer demonstrates a misunderstanding of what a Denial of Service attack can consist of - it's not just "a botnet sending a flood of requests." Many vulnerabilities are classified as DoS-related; if you have a server application which crashes if sent a malformed request, that's a DoS vulnerability. – Brett Dikeman Jan 12 '12 at 07:05

score 2 · Answer 2 · answered Aug 11 '09 at 03:59

All a DoS attack is is a bunch of people (or a botnet) going to your site at the same time. It's like having lots of people simply go to it in a browser and keep hitting refresh until the site goes down.

Sometimes a vulnerability makes the bad guys' job easier (see Slowloris, for example), but that isn't the reason for which you were DoSed.

score 2 · Answer 3 · answered Aug 11 '09 at 14:31

If the denial of service attack is against your network access, then no. Your connection is simply being overwhelmed.

If the denial of service is something related to an internal system...i.e., your memory/resources/processor is being overwhelmed (and it's not from processing network-bound I/O) then it could mean you have a user or internal login taking advantage of an issue with your software.

Without knowing the kind of DoS you're referring to it's tough to say. But if it's a typical kind of DoS, it's just your connection being overwhelmed and you'd only be able to stop it with working with your upstream provider to see what can be done with firewalls and routing tables to redirect/drop traffic before it saturates your connection.

score 0 · Answer 4 · answered Aug 11 '09 at 04:05

0

Not necessarily, it just means that you're one or more of the following:

Not well liked by someone or someones
Unlucky to be the target of some group of jackasses
A competitor to some entity that wants to cause you grief
Somewhat screwed

More often than not it's not the fault of the OS and there is frequently not much you can (easily) do about it other than to craft some clever blocking solutions.

answered Aug 11 '09 at 04:05

squillman

37,883
12
92
146

Valid answer but not very informative. Reason for DoS is irrelevant. – Mei Jan 13 '11 at 20:48

Does being the target of a DoS attack imply a vulnerability of my operating system?

4 Answers4