Bugtraq mailing list archives
Re: Source code to mstream, a DDoS tool
From: security () ARC COM (Security)
Date: Tue, 2 May 2000 00:00:31 -0400
Based on the signatures provided by Mr. Dittrich, we have updated SARA (http://www-arc.com/sara) (version 3.0.2) to detect the presence of the mstream DDOS (both wild and published). ------------------------------------------------------------------ Bob Todd Advanced Research Corporation http://www-arc.com ----- Original Message ----- From: Dave Dittrich <dittrich () CAC WASHINGTON EDU> To: <BUGTRAQ () SECURITYFOCUS COM> Sent: Monday, May 01, 2000 5:08 PM Subject: Re: Source code to mstream, a DDoS tool
==========================================================================
The "mstream" distributed denial of service attack tool
==========================================================================
May 1, 2000
Copyright (C) 2000. All rights reserved.
David Dittrich
University of Washington
<dittrich () cac washington edu>
George Weaver
Pennsylvania State University
<weaver () gabriel nso psu edu>
Sven Dietrich
NASA Goddard Space Flight Center
<spock () netsec gsfc nasa gov>
Neil Long
Oxford University
<neil.long () computing-services oxford ac uk>
Introduction
------------
The following is an analysis of "mstream", a distributed denial of
service (DDoS) attack tool, based on the source code of "stream2.c", a
classic point-to-point DoS attack tool [12].
<<<<< cut >>>>>
Current thread:
- Re: Source code to mstream, a DDoS tool Dave Dittrich (May 01)
- Linux knfsd DoS issue Chris Evans (May 01)
- Esafe Protect Gateway issue still unresolved! Hugo.van.der.Kooij () CAIW NL (May 01)
- Re: Source code to mstream, a DDoS tool Security (May 01)
- Re: Source code to mstream, a DDoS tool Paul Cardon (May 01)
- INFO:AppleShare IP 6.3.2 squashes security bug deepquest () NETSCAPE NET (May 02)
- spj-003-000 - S0ftPj Advisory fusys () ITAPAC NET (May 02)