DOS ATTACKS

Types of Denial of Service (DoS) attacks
These are a few of the classic denial of service attacks. Most of these rely upon weaknesses in the TCP/IP protocol. Vendor patches and proper network configuration have made most of these denial of service attacks difficult or impossible to accomplish.
Flood Attack
The earliest form of denial of service attack was the flood attack. The attacker simply sends more traffic than the victim could handle. This requires the attacker to have a faster network connection than the victim. This is the lowest-tech of the denial of service attacks, and also the most difficult to completely prevent.
Ping of Death Attack
The Ping of Death attack relied on a bug in the Berkeley TCP/IP stack which also existed on most systems which copied the Berkeley network code. The ping of death was simply sending ping packets larger than 65,535 bytes to the victim. This denial of service attack was as simple as:
ping -l 86600 victim.org
SYN Attack
In the TCP protocol, handshaking of network connections is done with SYN and ACK messages. The system that wishes to communicate sends a SYN message to the target system. The target system then responds with an ACK message. In a SYN attack, the attacker floods the target with SYN messages spoofed to appear to be from unreachable Internet addresses. This fills up the buffer space for SYN messages on the target machine, preventing other systems on the network from communicating with the target machine.
Teardrop Attack
The Teardrop Attack uses IP's packet fragmentation algorithm to send corrupted packets to the victim machine. This confuses the victim machine and may hang it.
Smurf Attack
In the Smurf Attack, the attacker sends a ping request to a broadcast address at a third-party on the network. This ping request is spoofed to appear to come from the victims network address . Every system within the broadcast domain of the third-party will then send ping responses to the victim.

Distributed Denial of Service (DDoS) attacks
A Distributed Denial of Service (DDoS) attack is a denial of service attack which is mounted from a large number of locations across the network.
DDoS attacks are usually mounted from a large number of compromised systems. These systems may have been compromised by a trojan horse or a worm, or they might have been compromised by being hacked manually.
These compromised systems are usually controlled with a fairly sophisticated piece of client-server software such as Trinoo, Tribe Flood Network, Stacheldraht, TFN2K, Shaft, and Mstream.
The Mydoom worm attempted DDoS attacks against SCO and Microsoft from the systems which it infected.
DDoS attacks can be very difficult to defend against.
IP address spoofing denotes the action of generating IP packets with fake source IP addresses in order to impersonate other systems or to protect the identity of the sender. Spoofing can also refer to forging or using fake headers on emails or netnews to - again - protect the identity of the sender and to mislead the receiver or the network as to the origin and validity of sent data.