One of the major security threats an Internet-connected server might encounter is a DDoS attack. It is a violent, often faceless attack on a server that can leave all of its websites paralyzed.
DoS stands for denial of service, and a DoS attack is one in which the attacker typically exploits a protocol, application, or other means of entry to bombard the server with requests. Eventually, the server can no longer handle the load, and it either crashes or simply becomes unreachable to anyone except the attacker. The actual methods for denial of service vary, but the end goal of preventing user access is always the same.
A DDoS attack is a distributed denial of service attack: a concerted effort by multiple machines to carry out the DoS. In other words, if the method of denying service is to flood a server with more HTTP requests than it can handle, multiple computers in multiple locations will carry out the attack. This makes it more difficult for a server to stop the attack simply by blocking access from one source.
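The following added example (not part of the original article) shows from the defender's side why per-source blocking stops a single-source flood but not a distributed one. The window size, both limits, the `(timestamp, source IP)` log shape and the sample traffic are assumptions constructed for illustration.

```python
from collections import Counter, defaultdict

# Assumed values for illustration; tune to the server's measured capacity.
WINDOW = 10            # seconds per counting window
PER_SOURCE_LIMIT = 50  # requests one source may send per window
TOTAL_LIMIT = 200      # requests the server can serve per window

def bucketize(events):
    """Count requests per source inside each fixed window."""
    buckets = defaultdict(Counter)
    for ts, ip in events:
        buckets[ts // WINDOW][ip] += 1
    return buckets

def noisy_sources(events):
    """Sources that exceed the per-source limit in any window."""
    return {ip for counts in bucketize(events).values()
            for ip, n in counts.items() if n > PER_SOURCE_LIMIT}

def overloaded_windows(events):
    """Map window -> (total requests, distinct sources) where load exceeds capacity."""
    return {w: (sum(c.values()), len(c)) for w, c in bucketize(events).items()
            if sum(c.values()) > TOTAL_LIMIT}

def classify(events):
    """Decide whether blocking individual noisy sources would restore service."""
    if not overloaded_windows(events):
        return "normal"
    blocked = noisy_sources(events)
    remaining = [(ts, ip) for ts, ip in events if ip not in blocked]
    if overloaded_windows(remaining):
        return "distributed flood"
    return "single-source flood"

# Constructed sample traffic: (timestamp in seconds, source IP) per HTTP request.
NORMAL = [(t, f"198.51.100.{t % 5}") for t in range(10)]
DOS = NORMAL + [(3, "203.0.113.7")] * 300
DDOS = NORMAL + [(t, f"192.0.2.{i}") for i in range(150) for t in range(2)]

if __name__ == "__main__":
    for name, events in (("normal", NORMAL), ("dos", DOS), ("ddos", DDOS)):
        print(name, classify(events), sorted(noisy_sources(events)))
```

In the distributed sample each of the 150 sources sends only two requests, so none crosses the per-source limit even though the total exceeds capacity. A legitimate traffic spike produces the same aggregate signal, so this check indicates overload from many sources rather than proving malicious intent.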
Although there may be instances where DDoS attacks are planned and purposefully executed by all parties involved, the more likely scenario involves some form of intrusion mechanism that takes control of several machines and uses them as unwilling virtual weapons. The owners of the attacking machines or agents typically do not know that their systems have been compromised and may never know that they were part of a DDoS attack.
It is not always possible to completely prevent a DDoS attack because of the large scale of some attacks and the number of attacking computers involved. As a result, many high-profile websites from large corporations have been brought to their knees. System administrators can, however, be prepared and have a mitigation plan to lessen the effect of an attack.