I was sent this picture & just had to share – good overview of a basic dos attack (syn flood).
Legit: shows a normal 3-way handshake SYN – SYN/ACK – ACK
DoS: shows what happens when the SYN/ACK is not answered with an ACK by the initiating connection – as it says, repeat this 1000 times at once and the destination server ends up using all its resources with half open connections.
Not as effective these days as even most cheap home adsl routers have syn flood / DoS protection – but I thought the graphic example was awesome 😀
Click on the picture for a larger size ….
adventures {in}security 
thanks so much for the cute explanation