[27236] in North American Network Operators' Group
Re: FBI / NIPC released a DDoSD detection tool?
daemon@ATHENA.MIT.EDU (Declan McCullagh)
Thu Feb 10 12:10:24 2000
Message-Id: <4.3.0.33.0.20000210120207.00af4ec0@pop.webcom.com>
Date: Thu, 10 Feb 2000 12:04:31 -0500
To: Rodney Caston <largo@megatokyo.com>, nanog@merit.edu
From: Declan McCullagh <declan@wired.com>
In-Reply-To: <Pine.LNX.4.03.10002101038080.3643-100000@quincy.megatokyo.
com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Errors-To: owner-nanog-outgoing@merit.edu
Those binaries have been there for about a month, the same time as the Feds
published the "trinoo" alert (about half a year late, but who's counting).
This page has the date: http://www.fbi.gov/nipc/welcome.htm
Somehow I doubt that the NIPC wrote the code.
-Declan
At 10:44 2/10/2000 -0600, Rodney Caston wrote:
>I'm not sure if this is news or not, but looking at
>http://www.fbi.gov/nipc/trinoo.htm - it seems the NIPC has released
>binaries, (no source code, the jerks), for tools to detect if a box has
>trin00, tribal flood net, tfn2k and some other DDoSD's on it.
>
>So far they have a sparc solaris, intel solaris, and x86 linux binary for
>download. While I am shocked to see a government agency writing
>potentially usefull code so quickly, I am dissappointed they didn't
>release their source code so it can be ported to say.. FreeBSD? .. AIX ..
>HP/UX ... and so on...
>
>
>Rodney Caston
>Southwestern Bell
>Internet Services
>
>
