A denial of (electronic) service (DoS) attack is commonly referred to as a "hack" because it is a malicious offensive against another computer system; but unlike most other hacks, it does not involve the attacker gaining access or entry into the target server. Instead, a DoS is a massive stream of information sent to a target with the intention of flooding it until it crashes or can no longer take legitimate traffic. The information is frequently in the form of "pings," which are small packets of data sent by one computer to another with the intention of checking to see if the other computer is accessible. The target computer responds to the pinger and the connection is made. But if the pinger gives a false address, the target computer can't return the ping to make the connection. In that case, the target waits and finally gives up. In great amounts, this can overwhelm a server.
A distributed DoS attack is a concerted effort to take down a target. Instead of a one-to-one attack, many computers target a single one - as would be necessary with a target as large as eBay or Amazon. Besides the obvious tactic of having many users simultaneously flood a target, certain publicly available programs can be used so that one user can perform a distributed DoS. The programs are placed on compromised systems - computers that have been successfully entered by the attacker before. The attacker merely needs to run a "trigger" program that tells the planted programs to begin their assault on the target. That kind of attack is not only formidable, but very difficult to trace back to the original source.
In January and February 2000, e-commerce giants eBay, Amazon.com and Buy.com, along with Yahoo, news site CNN.com, online trading sites E*Trade and Datek, and technology information provider ZDNet have reported denial of service attacks that rendered their sites largely inaccessible. The attacks highlight the unique vulnerability of e-commerce: These businesses can be virtually shut down for several hours by faceless hackers, unlike a chain of Wal-Mart stores.
One of the first sites to be hit by this kind of massive, coordinated attack was the University of Minnesota, which was effectively shut down in August 1999. In that incident, 227 computers were used to inundate the school's system with traffic, some of which were connected to the super-fast Internet 2 academic system.