Re: [PEN-TEST] penetrating trojan

[Robert van der Meulen <rvdm () CISTRON NL>]

Quoting David Knaack (dknaack () RDTECH COM):
> Development wouldn't even be that difficult, given that code could
> be lifted directly from the various Gnutella-like projects to handle
> the network side.  With a little bit of modification commands could
> be broadcast to all hosts on the network with only one host ever
> knowing the identity of the master (and even that could be hidden
> fairly well).
This sounds like a lot of the 'default' DDoS tools flying around the
internet, such as stacheldraht, tfn and such.
Most of these are distributed DOS 'servers' that respond to several
'commands' that can be sent trough a myriad of ways, often ICMP packets with
a specific payload.
Information (and source) of these 'tools' can be found trough any search
engine, altough i think that (DDoS attacks being hard enough to defeat as
is) discussions about stuff like this should be mostly theoretical.
(we have all seen it work in practice anyways)
Studying the source, and thinking of new methods (wich hopefully will lead
to new methods to defeat them) can only make our networks stronger, new
DDoS tools will only make our networks harder to defend.

Greets,
        Robert
--
|      rvdm () cistron nl - Cistron Internet Services - www.cistron.nl        |
|          php3/c/perl/html/c++/sed/awk/linux/sql/cgi/security             |
|         My statements are mine, and not necessarily cistron's.           |
  Despite all appearances, your boss is a thinking, feeling, human being.