A denial of service attack takes place when a hacker overloads a system with large or repeated requests for a service.
For example, where a script requires some intensive processing on the server, if lots of requests are received at the same time, this can cause the server to slow down to such an extent that legitimate requests from others cannot be processed. In some instances, a denial of service attack can cause the server to crash completely.
In an effort to prevent denial of service attacks, many scripts which require intensive processing will only allow a single request from any one user (for example, by checking the IP address of the source of the request, and only allowing one request from that IP address within a certain time period). However, distributed denial of service attacks (DDOS) involve a hacker impersonating hundreds or even thousands of different users in such a way that the script cannot tell whether the requests are legitimate or not.
DDOS attacks are very difficult to prevent, but they can also be very difficult to carry out - the effort involved in executing such an attack without being traced means that in most cases it is not a worthwhile exercise from the hackers point of view; they would prefer to use easier methods of attack. If a server has strong defenses in other areas though, and an attacker has a strong grudge against a company, a DDOS attack becomes more likely. For this reason, it is usually large corporations and financial institutions who suffer from these attacks.