nanog mailing list archives
Re: FBI / NIPC released a DDoSD detection tool?
From: Richard Steenbergen <ras () above net>
Date: Thu, 10 Feb 2000 14:27:05 -0500
On Thu, Feb 10, 2000 at 10:44:35AM -0600, Rodney Caston wrote:
I'm not sure if this is news or not, but looking at http://www.fbi.gov/nipc/trinoo.htm - it seems the NIPC has released binaries, (no source code, the jerks), for tools to detect if a box has trin00, tribal flood net, tfn2k and some other DDoSD's on it. So far they have a sparc solaris, intel solaris, and x86 linux binary for download. While I am shocked to see a government agency writing potentially usefull code so quickly, I am dissappointed they didn't release their source code so it can be ported to say.. FreeBSD? .. AIX .. HP/UX ... and so on...
There is also code available that sends a kill message to the individual nodes attacking you upon reception of the attack for the original versions of trinoo (the non-spoofed or spoofed with the last octet only udp flood version). Unfortunantly I havn't had a chance to look at the src for any of the newer flood programs, if someone would be so kind as to forward me a copy perhaps there are some more easily exploitable ways to use their poorly designed distributed programs against them, or if nothing else at least write a scanner with freely distributable source. -- Richard A. Steenbergen <ras () above net> http://users.quadrunner.com/humble PGP Key ID: 0x60AB0AD1 (E5 35 10 1D DE 7D 8C A7 09 1C 80 8B AF B9 77 BB) MFN / AboveNet Communications Inc - ISX Network Engineer, Vienna VA
Current thread:
- FBI / NIPC released a DDoSD detection tool?, (continued)
- FBI / NIPC released a DDoSD detection tool? Rodney Caston (Feb 10)
- RE: FBI / NIPC released a DDoSD detection tool? Roeland M.J. Meyer (Feb 10)
- RE: FBI / NIPC released a DDoSD detection tool? Ryan Tucker (Feb 10)
- RE: FBI / NIPC released a DDoSD detection tool? NANOG Mailing List (Feb 10)
- RE: FBI / NIPC released a DDoSD detection tool? Patrick Evans (Feb 10)
- C Source for RE: FBI / NIPC released a DDoSD detection tool? Larry Snyder (Feb 10)
- FBI / NIPC released a DDoSD detection tool? Rodney Caston (Feb 10)
- Re: FBI / NIPC released a DDoSD detection tool? Pat Myrto (Feb 10)
- Re: FBI / NIPC released a DDoSD detection tool? Charles Sprickman (Feb 10)
- Re: FBI / NIPC released a DDoSD detection tool? Declan McCullagh (Feb 10)
- Re: FBI / NIPC released a DDoSD detection tool? Joe Shaw (Feb 10)
- Re: FBI / NIPC released a DDoSD detection tool? Richard Steenbergen (Feb 10)
- Re: FBI / NIPC released a DDoSD detection tool? Declan McCullagh (Feb 10)
- Re: Yahoo! Lessons Learned Vijay Gill (Feb 10)
- Re: Yahoo! Lessons Learned Alex Rubenstein (Feb 10)
- Re: Yahoo! Lessons Learned Randy Bush (Feb 10)
- Re: Yahoo! Lessons Learned Eric Kozowski (Feb 10)
- Re: Yahoo! Lessons Learned Alex Rubenstein (Feb 11)