Preventing Denial of Service Attacks

As explained previously, Denial of service (DoS) attacks deny service to valid users trying to access your site. For example, an attacker might flood your Web server with requests, rendering your Web server temporarily unavailable or unusable. Denial of service attacks are problematic because they are easy to achieve and can be anonymous.

There are four main types of Denial of service attacks: CPU starvation, memory starvation, resource (or disk space) starvation, and network bandwidth starvation. These DoS attacks are described in the following sections, as are the techniques you can use to mitigate the attacks. For more detailed information, see Writing Secure Code, by Michael Howard and David LeBlanc.

This section contains:

• CPU Starvation Attacks
• Memory Starvation Attacks
• Resource Starvation Attacks
• Network Bandwidth Attacks

Copyright © 2005 Microsoft Corporation.
All rights reserved.