With regard to the scenario the course of action should be Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks pose a serious and evolving threat to any networked computer system. Their distinguishing characteristic is that they do not attempt to break into the target computer systems, take control of them or perform information stealing of any kind, like other more “conventional” attacks. (R. Mahajan, S. Bellovin, 2001)
Their aim is the disruption of normal operations down to their complete halt. The target is not the system itself but its ability to offer useful services, hence the title of the attack. Tar-gets may range from individual systems to whole domains under attempts to be de-nied their commercial networking presence. DoS could also be a part of full-scale cyber-warfare confrontations. DoS attacks fall in two categories: (a) the ones that target a specific system, using certain internal vulnerabilities or trying to overwhelm its processing abilities; another case when a system's vulnerabilities are exploited against it, (b) the ones that target network connectivity on the victim domain. Denial of Service attacks have started as bugs that although could not be exploited for trespassing in systems they were still usable for bringing services down remotely, a malicious alternative to gaining access. Since the target of the attack can easily be identified (or just be communicated) it is possible to stop all its traffic through the ISP (route all its traffic from a central point to a "dead end"). The positive result is that generally bandwidth consumption at the ISP level is alleviated. Additionally hop-by-hop tracking can be performed in the rest of the affected network. The disadvantages of this solution are that (a) the victim does not have any improvement in its condition since all the traffic (even legitimate) to-wards this site stops ...