North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: FBI / NIPC released a DDoSD detection tool?
On Thu, 10 Feb 2000, Pat Myrto wrote: > Roeland M.J. Meyer has declared that: > > > > > > I don't care where it purports to be from, for this kind of code, I will not > > trust something [to not be a trojan] that I can not compile myself. This > > policy applies to SSH, SSL, and other security related code. I am sure that > > I am not the only one with this policy. > > The NIPC admitted that to me. You are not the only one by a long shot. > > I contacted the NIPC site, and sent email to the nicpc contact asking > about source, explaining the above concerns to them. Their response > was they were valid concerns, but they basically didnt care. NO > SOURCE. "Trust us". [SNIP] > Until then, however, thanks but no thanks. I will muddle along using > other methods. > > As such I am looking for open-src tools for finding and smoking out > these rogue daemons from other sources. Did people not read where I posted links to info and scanners for the known DDoS daemons? I know I'm vocal, and occasionally irrational, but I like to think I have a few good pieces of information to share now and again. http://www.washington.edu/People/dad/, scroll down to Papers / Articles / Reports, and look at the fifth and sixth entries. "gag -- a stacheldraht agent scanner (C source code) by Dave Dittrich, Marcus Ranum, and others. dds -- a trinoo/TFN/stacheldraht agent scanner (C source code) by Dave Dittrich, Marcus Ranum, George Weaver, David Brumley, and others. [In BETA testing.]" These are links to source tarballs. -- Joseph W. Shaw - [email protected] Computer Security Consultant and Programmer Free UNIX advocate - "I hack, therefore I am."
|