What are DoS attacks and defenses?

A denial-of-service or DoS attack prevents someone from using a computer service. DoS attacks have a huge attack surface, and the attacker can carry out this attack in the following two ways:

  • Deny a service using a programming flaw.

  • Deny a service using resource exhaustion.

The motivation behind carrying out a denial-of-service attack might include competitive advantage, extortion, entertainment, or manipulation, etc. A few common DoS attacks are:

Types of DoS Attacks

DNS amplification

The attacker can use the structure of DNS lookups to increase the load induced on the resource. The attacker causes a large amount of traffic by making random requests to the DNS resolvers so that the amplified responses are sent to the target by the resolvers.

Defenses

General defenses against DNS amplification attacks include reducing the total number of DNS resolvers and verifying the source IP addresses.

DoS on networks

The attacker can carry out a DoS attack on Internet access by sending many network packets to overwhelm the rate at which the router processes the packets.

Defenses

The most common defense against a network DoS attack includes installing a network filterisolation mechanism that discards any packets with the attacker’s IP address. However, the attacker can still counter the network filter by using many hosts to send the traffic, rather than just one. This is called a DDoS (Distributed Denial of Service) Attack.

TCP SYN flood attack

The attacker targets the memory rather than the network capacity in this attack. Using the TCP’s 3-way connection, the attacker sends a unique SYN in large numbers, causing the memory to be exhausted. When an actual user tries to open a new connection, TCP will deny the connection.

Defenses

The most effective defense against the SYN Flood attack is using SYN cookies.

DoS on operating systems

The attacker might manipulate the code to use up all of the disk space, such as creating unlimited processes or files to damage the disk.

Defenses

General defenses against this attack include isolating the users of the operating system and imposing quotas.

DoS via program flaw

The attacker might supply an input that crashes the system or fools a system into shutting down by leveraging a programming flow.

Defenses

General defenses include careful coding practices and proper authentication.

Free Resources

Copyright ©2025 Educative, Inc. All rights reserved

Learn in-demand tech skills in half the time

PRODUCTS

Mock Interview

New

Courses

Skill Paths

Projects

Assessments

TRENDING TOPICS

Learn to Code

Tech Interview Prep

Generative AI

Data Science

Machine Learning

GitHub Students Scholarship

Early Access Courses

Blind 75

Layoffs

Pricing

For Individuals

Try for Free

Gift a Subscription

CONTRIBUTE

Become an Author

Become an Affiliate

Earn Referral Credits

RESOURCES

Blog

Cheatsheets

Webinars

Answers

ABOUT US

Our Team

Careers

Hiring

Frequently Asked Questions

Contact Us

Press

LEGAL

Privacy Policy

Cookie Policy

Terms of Service

Business Terms of Service

Data Processing Agreement

INTERVIEW PREP COURSES

Grokking the Modern System Design Interview

Grokking the Product Architecture Design Interview

Grokking the Coding Interview Patterns

Machine Learning System Design

Tiktok Streamline Icon: https://streamlinehq.com

Copyright ©2025 Educative, Inc. All rights reserved.

soc2