[14747] in bugtraq
Re: Source code to mstream, a DDoS tool
daemon@ATHENA.MIT.EDU (Security)
Tue May 2 17:51:26 2000
Message-Id: <024001bfb3ea$f612a740$6600a8c0@localarc.com>
Date: Tue, 2 May 2000 00:00:31 -0400
Reply-To: Security <security@ARC.COM>
From: Security <security@ARC.COM>
X-To: BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
Based on the signatures provided by Mr. Dittrich, we have updated
SARA (http://www-arc.com/sara) (version 3.0.2) to detect the presence
of the mstream DDOS (both wild and published).
------------------------------------------------------------------
Bob Todd
Advanced Research Corporation
http://www-arc.com
----- Original Message -----
From: Dave Dittrich <dittrich@CAC.WASHINGTON.EDU>
To: <BUGTRAQ@SECURITYFOCUS.COM>
Sent: Monday, May 01, 2000 5:08 PM
Subject: Re: Source code to mstream, a DDoS tool
> ==========================================================================
>
> The "mstream" distributed denial of service attack tool
>
> ==========================================================================
>
> May 1, 2000
> Copyright (C) 2000. All rights reserved.
>
> David Dittrich
> University of Washington
> <dittrich@cac.washington.edu>
>
> George Weaver
> Pennsylvania State University
> <weaver@gabriel.nso.psu.edu>
>
> Sven Dietrich
> NASA Goddard Space Flight Center
> <spock@netsec.gsfc.nasa.gov>
>
> Neil Long
> Oxford University
> <neil.long@computing-services.oxford.ac.uk>
>
>
> Introduction
> ------------
>
> The following is an analysis of "mstream", a distributed denial of
> service (DDoS) attack tool, based on the source code of "stream2.c", a
> classic point-to-point DoS attack tool [12].
<<<<< cut >>>>>
