What is DDOS? Denial-of-Service Attack explained in laymen’s terms.

When two computers wish to communicate, they have to acknowledge that they are ready to communicate, and this process is sort of like talking to a friend by text messages. Say you want to talk to Billy: you send Billy a text message saying you want to talk. Billy gets this message from you, which is good, because he also knows that you-to-Billy communication works — this is sort of a big deal, because you and Billy live in a world where cell phone providers aren’t very reliable.

Billy now has to let you know that you got his message, and that Billy-to-you communication is works, so he replies with another text message, saying “Looks like I can get your messages, and I’m attending my phone now” You get this message, and everything looks cheery, so you send him a last text message saying “I can get yours too. Let’s start talking!” where you and Billy can now carry on a friendly chat.

This is how computers communicate with each other; it’s called handshaking, and it’s used to do two things: acknowledge the desire to communicate with each other, and to make sure the lines of communication are working well. It’s harder to prove the latter, because in the example above, Billy might not have gotten your last text message, and you’d never know, so it would be reassuring if he acknowledged if he got it by sending you another confirmation, before you start wasting a ton of money through sending him a bunch of text messages that he might not even get! Of course, then you’d have to confirm that you got his confirmation, and he’d have to confirm that confirmation, and so forth. As reassuring as it is, we can’t keep doing this indefinitely, and network engineers have had to come up with a solution to this problem, known as The Two Generals’ Problem. In the end, they settled on the protocol as mentioned above.

Now, say you want to chat with Billy, so you send him a text message to see if he’s there. He confirms that he’s there, but the text message gets dropped because of a bad cell phone tower. Now both of you are stuck at a stalemate; you’re waiting for his confirmation, and he’s waiting for yours. This is a bad situation! So, in order to avoid this, Billy tries to resend his reply after a certain amount of time, after not hearing from you, because he doesn’t know whether it’s your cell phone tower that’s bad, or his. And, after he still doesn’t get a reply from you, he gives up, and determines that the cell phone towers are conspiring against your friendship.

A Denial-of-Service takes advantage of this protocol, to allow you to, well, troll Billy. How it works is as concisely explained in the comic strip — you send Billy a message saying you want to talk, and he sends you a message back saying that he’s ready to talk, but you “pretend” like you never got his message, keeping him busy for a few minutes until he gives up. Then you poke him again, saying you want to talk again, and pretending like you just can’t hear him, and he’ll always put in a full effort to try to start a conversation with you. This causes Billy a lot of aggravation, especially if you get a lot of people to do this to Billy! Eventually, he won’t be able to keep sending all these confirmations to all the people that he thinks genuinely want to talk to him, and he spends every waking minute replying to these phony text messages, leaving him no time to start conversations with people who actually want to talk to him. Thus, you’re denying anyone who wants to actually talk to Billy the service of Billy’s conversation.

Miscellaneous Facts: The “text messages” that computers send to each other are called packets. It’s exactly like what it sounds like — a small parcel of information, wrapped nicely with a stamped address, date, return address, and all the good stuff.

The initial packet in the handshaking protocol is called a SYN packet, short for synchronize. The receiving computer sends back an ACK packet, short for acknowledge, as well as another SYN packet. The original conversation-starter replies to the SYN packet with a final ACK, and then conversation can begin. The computer who sends both the SYN and the ACK at the same time sends a combined packet, usually referred to as SYN/ACK. This makes the protocol a three-packet protocol: SYN, SYN/ACK, then lastly, ACK.

Source: http://pbjbreaktime.com/2011/01/what-is-ddos-denial-of-service-attack-explained-in-laymens-terms/

http://www.reddit.com/user/ProggitExplainer