Security Incidents mailing list archives
Re: IRC based DoS bot
From: Erik Tayler <nine () 14X NET>
Date: Sun, 17 Sep 2000 23:20:04 -0500
These are quite common, and nowhere near new. They have been around for at least than 6 years (probably longer). They are extremely unsophisticated, and for lack of a better word, stupid. Process appears as "-bash" to obviously try to hide. Contact the proper undernet administrators/operators, contact the internet service providers of the compromised systems. Not much more could be done. Erik Tayler http://www.14x.net http://www.digitaloffense.net
PRIVMSG %s :(entitee) udpflood completed. %d packets/sec PRIVMSG %s :(entitee) fragmentflood started. PRIVMSG %s :(entitee) fragmentflood completed. %d packets/sec PRIVMSG %s :(entitee) synflood started. PRIVMSG %s :(entitee) synflood completed. %d packets/sec PRIVMSG %s :(entitee) rstflood started. PRIVMSG %s :(entitee) rstflood completed. %d packets/sec PRIVMSG %s :(entitee) randomflagsflood started. PRIVMSG %s :(entitee) randomflagsflood completed. %d packets/sec PRIVMSG %s :(entitee) ackflood started. PRIVMSG %s :(entitee) ackflood completed. %d packets/sec PRIVMSG %s :(entitee) establishflood started. PRIVMSG %s :(entitee) establishflood completed. %d packets/sec PRIVMSG %s :(entitee) nullflood started. PRIVMSG %s :(entitee) nullflood completed. %d packets/sec [...]
Current thread:
- IRC based DoS bot Rod R00t (Sep 17)
- Re: IRC based DoS bot Erik Tayler (Sep 18)
- Re: IRC based DoS bot Erik Tayler (Sep 18)
- Re: IRC based DoS bot Matthew S. Hallacy (Sep 19)
- Re: IRC based DoS bot Erik Tayler (Sep 20)
- Re: IRC based DoS bot Matthew S. Hallacy (Sep 19)
- <Possible follow-ups>
- Re: IRC based DoS bot Fredrik Ostergren (Sep 18)
- Re: IRC based DoS bot Rod R00t (Sep 19)
- Re: IRC based DoS bot Martins, Fernando (Lisbon) (Sep 22)