[27235] in North American Network Operators' Group
FBI / NIPC released a DDoSD detection tool?
daemon@ATHENA.MIT.EDU (Rodney Caston)
Thu Feb 10 11:49:03 2000
Date: Thu, 10 Feb 2000 10:44:35 -0600 (CST)
From: Rodney Caston <largo@megatokyo.com>
To: nanog@merit.edu
In-Reply-To: <200002100920.BAA10909@kitty.kotovnik.com>
Message-ID: <Pine.LNX.4.03.10002101038080.3643-100000@quincy.megatokyo.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
I'm not sure if this is news or not, but looking at
http://www.fbi.gov/nipc/trinoo.htm - it seems the NIPC has released
binaries, (no source code, the jerks), for tools to detect if a box has
trin00, tribal flood net, tfn2k and some other DDoSD's on it.
So far they have a sparc solaris, intel solaris, and x86 linux binary for
download. While I am shocked to see a government agency writing
potentially usefull code so quickly, I am dissappointed they didn't
release their source code so it can be ported to say.. FreeBSD? .. AIX ..
HP/UX ... and so on...
Rodney Caston
Southwestern Bell
Internet Services
