nanog mailing list archives
Re:FBI / NIPC released a DDoSD detection tool? (Look in the binary)
From: mpotter () atpco com
Date: Thu, 10 Feb 2000 13:49:36 -0800
At 10:44 AM 02/10/2000 -0600, you wrote:
I'm not sure if this is news or not, but looking at http://www.fbi.gov/nipc/trinoo.htm - it seems the NIPC has released
this has been out about since late Dec
binaries, (no source code, the jerks), for tools to detect if a box has trin00, tribal flood net, tfn2k and some other DDoSD's on it.
Heh, who in their right mind installs something w/o source.... Especially from the FBI ;)They are the ones that want to BACKDOOR every crypto product... It looks like a packet sniffer that just looks for the fingerprints of these attacks. Nothing really special. It even looks like it has the exploit compiled in(strings , nm -Du, ldd the binary), probably cut and paste work. The fact that they have it only for Solaris(SPARC and x86) and Red Hat tells you those are the only types of boxes they have, or the only thing they could get it to work on. Matt
Current thread:
- Re:FBI / NIPC released a DDoSD detection tool? (Look in the binary) mpotter (Feb 10)
- Re:FBI / NIPC ... Correction Matthew R. Potter (Feb 10)