Distributed Denial Of Service Attacks

Distributed Denial Of Service Attacks differ from the normal sort in that the source of the attack is itself 'distributed'; instead of coming from one machine, it comes from a large number; hundreds, thousands, or millions, generally with command and control from one or many points, often in a 'botnet'.

This sort of attack is more difficult to mitigate than the usual type because there's often no good choke point at which to drop the incoming attack packets -- and they may come in slowly enough from each attacking host that you can't even tell they're an attack; they may be valid requests, just in unsupportable numbers.