Sometimes the goal of an attack is not to steal something from you,
but to make your systems or network unavailable either by crashing a
system or saturating the resources of the target systems or network
connection. This form of attack has consequences beyond inconvience.
Imagine a clothing company that does the bulk of their sales through
an online catalog. If people can't log into the web
site, they can't buy sweaters and polo shirts. This
loss of business can have significant impact in a short time. (This
is what happened to eBay, Yahoo, and other large web services in
February of 2000.)
A large number of signatures help detect this category of attack.
With a combination of signatures, portscan detection, automated
blocking, and the new thresholding and suppression rule types, Snort
can be a very good countermeasure against
denial-of-service (DoS) attacks.