North American Network Operators Group


Re: FBI / NIPC released a DDoSD detection tool? (Look in the binary)

  • From: mpotter
  • Date: Thu Feb 10 14:14:29 2000

At 10:44 AM 02/10/2000 -0600, you wrote:
>
>I'm not sure if this is news or not, but looking at 
>http://www.fbi.gov/nipc/trinoo.htm - it seems the NIPC has released

This has been out since about late Dec.

>binaries, (no source code, the jerks), for tools to detect if a box has
>trin00, tribal flood net, tfn2k and some other DDoSD's on it.

Heh, who in their right mind installs something w/o source.... Especially
from the FBI ;) They are the ones that want to BACKDOOR every crypto product...

It looks like a packet sniffer that just looks for the fingerprints of
these attacks. Nothing really special. It even looks like it has the
exploit compiled in (strings, nm -Du, ldd the binary), probably cut and
paste work. The fact that they have it only for Solaris (SPARC and x86) and
Red Hat tells you those are the only types of boxes they have, or the only
thing they could get it to work on.

Matt