Denial of Service (DoS) and Distributed Denial of Service (DDoS) are attacks that intend to deny users from accessing network services. Services that can be denied to the users are:

• Communication lines: This will usually be done by generating traffic that floods and blocks the communication line
• Applications and services (web services, mail services, and so on): This will usually be done by loading a server to a point at which it will not be able to serve clients' requests

DoS/DDoS attacks can be a result of scanning that we talked about in the previous recipe. The difference is that DoS/DDoS is a scan that slows down a server or a network in a way that denies the user access.

In this recipe, we will see some common DoS/DDoS patterns, and learn how to identify and block them.