Internet Technology Explained

How Can a DoS Attack Take Down Twitter? [Technology Explained]

Steve Campbell 25-05-2010

A denial-of-service — or DoS — attack is an attempt to prevent a website from functioning properly and is one of the most common violations happening to popular sites on the Internet. These attacks, which usually target high-profile websites, are meant to keep people from accessing such sites for an extended period of time.


Social networking sites are among some of the most often visited and widely used on the Internet. Because of this, sites like Twitter and Facebook have to worry about DoS attacks like other important websites. Twitter has fallen victim to DoS attacks in the past, causing the site to run extremely slow or go down entirely. But, how?

As part of our Technology Explained series, I am going to explain what a DoS attack consists of, as well as how one can take down a site as big as Twitter, and the effects it has on the site and its millions of users.

What is a DoS Attack?

I explained briefly the intent of a DoS attack, but what is it technologically? A DoS attack happens when a large number of hijacked computers overwhelm a website by sending it a massive, constant stream of data. A basic site like Twitter, which is used to processing requests and displaying a simple page, has trouble keeping up with this massive flow of information due to this large spike in requests.

twitter dos attack

In a typical connection, a user sends a message for the server to authenticate. After the server acknowledges and approves this request, the user can then access the site from the server.


In a DoS attack, several authentication requests are sent, filling the server up. The server tries to approve these requests, but it can’t because they all have false return addresses. So the system waits. After a minute or so, these connections are closed, but by this time, the attacker has already sent a new batch of requests, slowing up the system indefinitely.

Using Botnets for DoS Attacks

twitter dos attack

A botnet is a collection of compromised computers that can be used for malicious acts (like spam) on the Internet. Botnet-based DoS attacks are difficult for websites to deal with. This is because it is hard to distinguish legitimate requests from those coming from a botnet.

From Twitter’s perspective, you can’t just block the IP addresses of offending users in this situation because the computers being used might belong to legitimate users. Cutting such users off would only further complicate things.


[Note]: You can drastically reduce the chances of your computer being hijacked by maintaining anti-virus and firewall protection. You don’t want to be partially responsible for the next attack on your favorite website!

Twitter DoS Attack

You can monitor Twitter’s status here.

Twitter has always been criticized for running too slowly at times or having significant downtime. They have spent a lot of time fixing these issues and becoming stronger structurally, but with millions of users to account for, a denial-of-service attack can (and has) cripple Twitter for its users.

ddos attack on twitter


Twitter is different from most sites in that much of its use comes through its application programming interface (API), which allows software (e.g. TweetDeck) to have access to its service. When a Twitter DoS attack occurs, users on the site experience longer loading times and slowness, while users of third-party applications experience timeouts. Some of your requests might fail, causing you to be unable to post an update or follow someone.


Twitter DoS attacks will more than likely continue to happen in the future. As the company grows older, it should become better equipped at dealing with such attacks.

Now that you know what a denial-of-service attack is, you can begin taking notice of such activities on the Internet. So the next time your favorite site is running a bit slow, keep in mind that it might not be their fault.

What thoughts do you have on this matter? Do you have anything to add to the article? I’d love to hear your opinions below.


Image Credit: carlsilver, -= Trevino =-

Explore more about: Computer Networks, Twitter.

Whatsapp Pinterest

Enjoyed this article? Stay informed by joining our newsletter!

Enter your Email

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Ewerw
    June 13, 2010 at 12:05 pm


  2. TechGyo
    June 9, 2010 at 6:16 pm

    I didn't know that this kind of trouble is possible from DOS attack

  3. Andy
    June 7, 2010 at 1:13 am

    some amature tried taking down our new website yesterday, but i have put a few request timeout changes in which cut down their abilty as it was just the one user trying to DOS attack my site

  4. Birkenstock
    May 26, 2010 at 10:58 am

    Well, it's gald to read your post, but I wouldn't understand your meaning well. Thanks all the same.

  5. Nat Jay
    May 26, 2010 at 5:37 am

    I wish there was a way to heuristically analyze bad IP behavior based on a history of DoS attacks. I'm a strong believer in prevention, and hope the algorithms advance to a point where sites are able to hold off, if not totally prevent, a malicious attack.

    • Steve Campbell
      May 26, 2010 at 3:09 pm

      Yes, hopefully there is a better way to deal with this activity. It would be huge for sites and internet security.