All the attacks described above involved some sort of resource exhaustion that affected the entire machine. However, there is a second class of attacks that simply take out a single network service. This can be as simple as triggering a bug in the server program that results in a segmentation fault and crashes the application. In the case of single-threaded application, this means the service is disabled until the server is restarted. Any existing connections to the service will be terminated.
Obviously, network services that create a separate process for each new connection usually do not suffer from this sort of problem, because all an attacker can do is trash the process servicing his connection, but not the master process that accepts new connections and creates the subprocesses serving them.9.6
However, simple segmentation faults aren't the only potential trouble spots. There are more complicated denial of service attacks on individual applications, explained in the following sections.