mirye opened this issue on Mar 08, 2011 · 69 posts
forester posted Mon, 14 March 2011 at 7:14 PM
A denial-of-service attack occurs when many computers (or computer processes) attempt to access a site all at once. The receiving web site servers attempt to respond by opening a page to each "computer" trying to read the site, but if the requests come too quickly and too fast, the receiving server bogs down. It reaches a point where it cannot process any more requests to open pages.
So, this is not the same kind of "attack" as when someone hacks into a web site, reading files and stealing data. It is a much more simple kind of thing.
During the recent Wikileaks episode, eBay, Amazon and several banks refused to accept donations to the Wikileaks site. Some of the banks, and Amazon, froze the accounts of Assange.
In return, a group of people going by the name of "Anonymous" made available to anyone a small and very simple program that can create a denial-of-service attack. The program works by you, the user, typing in the web address of the victim site, and then executing the program. The program sends several hundred requests to the target web site per minute. The "request" simply is a request to read the front page of the site. That is, to "open" up a page. The intent of Anonymous was to get as many people as possible to try to bombard the web sites of eBay, Amazon and the named banks - to retaliate for those sites freezing the accounts or refusing to accept donations for Wikileaks. This is a denial-of-service attack.
Problem is, that little piece of program is now available to any stupid kid who wants to use it for any purpose. Almost anyone following the events of the Wikileaks mess knows about it and where to get it. It's still there for the downloading.
And, I say "stupid" since the IP address of the person using that little program to send the attack is written into every "request." How hard is it to capture one of the send requests, and trace back to the source? - Not hard at all, since every commercial server automatically captures the IP address of any incoming requests. Plus, now the request message itself carries the IP address. Plus, if you are a network tech, you probably are already using a software program that traces IP addresses to their physical location around the globe.
The most common way a denial-of-service attack is dealt with is for the site managers to switch to a new set of IP addresses. But, you either have to have already obtained these for use in an emergency, or you have to purchase them. Sophisticated web sites, such as Amazon, have many server sets on line, and they can switch their files and programs to new IP addresses every minute - another way that DOS attacks are commonly thwarted. Also, the big sites have IP trace-hunter programs that automatically trace back every so many "open requests", and either bombard the originating IP in return, or do some other things I won't go into to kill the source of the DOS attack.
All this is expensive, and probably has not been necessary on the e-on web sites to this point. If e-on is forced to armor their web sites, we all are going to pay for it in the end - in terms of more expensive products, among other things.
Nice! Yes?
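Added example, not part of forester's post: the post notes that servers record the source IP of every incoming request, so a front-page flood of several hundred requests per minute stands out in an ordinary access log. The sketch below counts front-page GETs per source address per minute; the log layout (Common Log Format), the threshold of 200, the function names and the sample lines are all assumptions constructed for illustration.

```python
import re
from collections import Counter
from datetime import datetime

# Common Log Format: ip - - [timestamp] "METHOD path proto" status size
CLF = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3}) \S+')

def parse(line):
    """Return (ip, minute, method, path), or None for a malformed line."""
    m = CLF.match(line)
    if not m:
        return None
    ip, ts, method, path, _status = m.groups()
    try:
        when = datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z")
    except ValueError:
        return None
    return ip, when.replace(second=0), method, path

def flood_sources(lines, path="/", threshold=200):
    """Map each flagged IP to its busiest one-minute count of GETs for `path`."""
    per_minute = Counter()
    for line in lines:
        rec = parse(line)
        if rec and rec[2] == "GET" and rec[3] == path:
            per_minute[(rec[0], rec[1])] += 1
    peaks = {}
    for (ip, _minute), n in per_minute.items():
        if n >= threshold:  # threshold is an assumed value, tune per site
            peaks[ip] = max(n, peaks.get(ip, 0))
    return peaks

def sample_log():
    """Constructed log: one flooding client, one normal visitor, one junk line."""
    lines = []
    for i in range(300):  # 300 front-page hits inside a single minute
        lines.append(f'203.0.113.7 - - [14/Mar/2011:19:14:{i % 60:02d} +0000] '
                     '"GET / HTTP/1.1" 200 5120')
    for i in range(5):
        lines.append(f'198.51.100.20 - - [14/Mar/2011:19:14:{i:02d} +0000] '
                     '"GET /gallery HTTP/1.1" 200 900')
    lines.append("not a log line")
    return lines

if __name__ == "__main__":
    for ip, n in flood_sources(sample_log()).items():
        print(f"{ip}: {n} front-page requests in one minute")
```

A flagged address can be a shared proxy or NAT gateway serving many legitimate users, so a hit here is a lead for rate limiting or closer review rather than proof of who sent the traffic.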