How a Denial-of-Service Attack Works

Q: How often do these attacks happen?

A: People try denial-of-service attacks all the time -- many government and private sites report being hit every day. Often the assaults are unsuccessful, because Web sites have ways of identifying and intercepting malicious traffic. However, sites really want to avoid blocking legitimate Web users, so more often than not, Internet traffic is let through until a problem is spotted.

Denial-of-service attacks are noisy by design, and they intend to make a statement. They're not subtle attempts to infiltrate a Web site's defenses, which can be much more insidious because that gives hackers access to whatever confidential information is stored there.

Often the attacks take a site out for a few hours, before Web site administrators can respond. What made the most recent attack notable is that it was widespread and went on for a while, beginning over the July Fourth holiday weekend and running into this week. It's not yet clear how the attack was able to last that long.

Q: Some organizations appear to have fended off these recent attacks, while others saw their Web sites go down. How can this be?

A: The sites that went down probably were less prepared, because they are less accustomed to being hit or aren't sensitive enough to warrant extra precautions.

Popular Web sites, like e-commerce and banking sites, have a lot of experience dealing with denial-of-service attacks, and they have sophisticated software designed to identify malicious traffic. Often that's done by flagging suspicious traffic flowing into the site, and if there's enough of it, preventing it from ever reaching the site's servers.