Distributed denial of service (DDOS) attacks occur when a malicious user seeks to stop or severely limit access to a website. To achieve such results, the malicious user may attack the website in a variety of ways, such as attempting to overwhelm the servers of the website by bombarding it with requests.
Typically, to access a website, a user types in the name of the website in a web browser. However, that name is not the internet address of the website, but rather is a textual name that refers to a server or a set of servers. All textual names are resolved by a Domain Name System (DNS) server. A DNS server resolves a textual name to one or more physical Internet Protocol (IP) addresses. In IP version 4, typical IP address are 32 bit numbers and are represented as a series of 8-bit numbers separated by periods such as 192.168.0.0. In IP version 6, addresses are 128 bit numbers and are represented as colon separated hex digits. DNS servers can use a split horizon DNS, which is a method for providing different IP addresses for different users, based on the users originating IP address. Using split horizon DNS, it is possible to keep private networks private while still providing web services to the general population.