Exploit the possiblities
Showing 51 - 75 of 84 RSS Feed

Files

Project_ZombieZapper1.1.zip
Posted Feb 16, 2000
Site razor.bindview.com

Zombie Zapper v1.1 Windows NT Source Code - Zombie Zapper [tm] is a free, open source tool that can tell a zombie system flooding packets to stop flooding. It works against Trinoo, TFN, and Stacheldraht. It does assume various defaults used by these attack tools are still in place, but allows you to put the zombies to sleep.

Changes: Supports shutting down of Troj_Trinoo (wintrinoo), bugfix for stopping unix trinoo.
tags | denial of service
systems | windows, nt
MD5 | cf325363e6db32489313303a0a1011fe
zombie.tar
Posted Feb 16, 2000
Site razor.bindview.com

Zombie Zapper Unix version 1.0 - Zombie Zapper [tm] is a free, open source tool that can tell a zombie system flooding packets to stop flooding. It works against Trinoo, TFN, and Stacheldraht. It does assume various defaults used by these attack tools are still in place, but allows you to put the zombies to sleep.

tags | denial of service
systems | unix
MD5 | cda205b3ccd0c6d014498a8d204e259d
icmpenum-1.1.tgz
Posted Feb 16, 2000
Authored by Simple Nomad | Site razor.bindview.com

This is a proof-of-concept tool to demonstrate possible distributed attacking concepts, such as sending packets from one workstation and sniffing the reply packets on another.

tags | denial of service
MD5 | 887a4b39a441342a46a392bddced1aaa
DDSA_Defense.htm
Posted Feb 16, 2000
Authored by Simple Nomad | Site razor.bindview.com

Distributed Denial of Service Defense Tactics - This paper details some practical strategies that can be used by system administrators to help protect themselves from distributed denial of service attacks as well as protect themselves from becoming unwitting attack nodes against other companies.

tags | denial of service
MD5 | e1f0aceb853031be5bb2d08b3d12c772
tfn3k.txt
Posted Feb 14, 2000
Authored by Mixter

TFN3k is a paper about the future of DDOS tools, how they can be used, and the dangerous features that can and probably will be implemented in the future. Also has information on establishing Network Intrusion Detection (NIDS) Rules for DDOS attacks.

tags | denial of service
MD5 | f1466777d721d4f9217b4a1627315faa
TFN2k_Analysis.htm
Posted Feb 11, 2000
Authored by Woody Thrower, Jason Barlow | Site www2.axent.com

This document is a technical analysis of the Tribe Flood Network 2000 (TFN2K) distributed denial-of-service (DDoS) attack tool, the successor to the original TFN Trojan by Mixter.

tags | denial of service, trojan
MD5 | 0c37df4a37a47a7796b46d5b840a3628
firstaid.txt
Posted Feb 11, 2000
Authored by Mixter | Site mixter.void.ru

Mixters guide to defending against DDOS - 10 Proposed 'first-aid' security measures which should be implemented by anyone at risk.

tags | denial of service
MD5 | fc483ecea83567cb0345cc2edf2227c6
Project_ZombieZapper.zip
Posted Feb 11, 2000
Site razor.bindview.com

Zombie Zapper v1.0 Windows NT Source Code - Zombie Zapper [tm] is a free, open source tool that can tell a zombie system flooding packets to stop flooding. It works against Trinoo, TFN, and Stacheldraht. It does assume various defaults used by these attack tools are still in place, but allows you to put the zombies to sleep.

tags | denial of service
systems | windows, nt
MD5 | 0f7bfb0e11284f151391a1981e2a3bde
UW-CSE-00-02-01.tgz
Posted Feb 11, 2000
Authored by Stefan Savage | Site cs.washington.edu

This paper describes a technique for tracing anonymous attacks in the Internet back to their source. This work is motivated by the increased frequency and sophistication of denial-of-service attacks and by the difficulty in tracing packets with incorrect, or "spoofed", source addresses. In this paper we describe a general purpose traceback mechanism based on probabilistic packet marking in the network. Our approach allows a victim to identify the network path(s) traversed by an attacker without requiring interactive operational support from Internet Service Providers (ISPs). Moreover, this traceback can be performed "post-mortem" -- after an attack has completed. We present one implementation of this technology that is incrementally deployable, (mostly) backwards compatible and can be efficiently implemented using conventional technology. In pdf and postscript format.

tags | denial of service, spoof
MD5 | efe5d0155497aada70fa6594c60433e0
cisco-newsflash.htm
Posted Feb 11, 2000

Cisco Newsflash - Distributed Denial of Service. Contains information to help you understand how DDoS attacks are orchestrated, recognise programs used to launch DDoS attacks, and apply measures to prevent the attacks (including anti-spoofing commands, egress filtering, RPF and CEF, ACL's, rate limiting for SYN packets). Also contains information on gathering forensic information if you suspect an attack, and learning more about host security.

tags | denial of service, spoof
systems | cisco
MD5 | 7c18c020e8436f0a308e7e315655f43c
rid-1_0.tgz
Posted Feb 9, 2000
Authored by David Brumley

RID is a configurable remote DDOS tool detector which can remotely detect Stacheldraht, TFN, Trinoo and TFN2k if the attacker did not change the default ports.

tags | remote, denial of service
MD5 | e954c79898465597d0da783738460554
stachel.tgz
Posted Feb 8, 2000

StacheldrahtV4 - (German for "barbed wire") combines features of the "trinoo" distributed denial of service tool, with those of the original TFN, and adds encryption of communication between the attacker and stacheldraht masters and automated update of the agents.

tags | denial of service
MD5 | 110065233eb12ee3a1a5c88b985f865e
find_ddos_v31_intel.tar.Z
Posted Feb 7, 2000
Site fbi.gov

Find_ddos Version 3.1 (solaris intel) - In response to a number of recent distributed denial-of-service (DDOS) attacks that have been reported, the NPIC has developed a tool to assist in combating this threat. The tool (called "find_ddos") is intended to scan a local system that is either known or suspected to contain a DDOS program. It is capable of scanning executing processes on Solaris 2.6 or later, and of scanning local files on a Solaris 2.x (or later) system. The tool will detect several known denial-of-service attack tools including tfn2k client, tfn2k daemon, trinoo daemon, trinoo master, tfn daemon, tfn client, stacheldraht master, stacheldraht client, stachelddraht demon and tfn-rush client.

tags | denial of service, local
systems | solaris
MD5 | 48dccf4539bc56e7569868617f3393b6
find_ddos_v31_linux.tar.Z
Posted Feb 7, 2000
Site fbi.gov

Find_ddos Version 3.1 (linux) - In response to a number of recent distributed denial-of-service (DDOS) attacks that have been reported, the NPIC has developed a tool to assist in combating this threat. The tool (called "find_ddos") is intended to scan a local system that is either known or suspected to contain a DDOS program. It is capable of scanning executing processes on Solaris 2.6 or later, and of scanning local files on a Solaris 2.x (or later) system. The tool will detect several known denial-of-service attack tools including tfn2k client, tfn2k daemon, trinoo daemon, trinoo master, tfn daemon, tfn client, stacheldraht master, stacheldraht client, stachelddraht demon and tfn-rush client.

tags | denial of service, local
systems | linux, solaris
MD5 | e2687f1cfaa3cca954836fa8a1846eb8
find_ddos_v31_sparc.tar.Z
Posted Feb 7, 2000
Site fbi.gov

Find_ddos Version 3.1 (sparc) - In response to a number of recent distributed denial-of-service (DDOS) attacks that have been reported, the NPIC has developed a tool to assist in combating this threat. The tool (called "find_ddos") is intended to scan a local system that is either known or suspected to contain a DDOS program. It is capable of scanning executing processes on Solaris 2.6 or later, and of scanning local files on a Solaris 2.x (or later) system. The tool will detect several known denial-of-service attack tools including tfn2k client, tfn2k daemon, trinoo daemon, trinoo master, tfn daemon, tfn client, stacheldraht master, stacheldraht client, stachelddraht demon and tfn-rush client.

tags | denial of service, local
systems | solaris
MD5 | 53ca1f544fdab923a56e0065bea60b54
funtimeApocalypseWin.zip
Posted Jan 13, 2000
Authored by The Pull

Dynamic IP's getting you down in your search for a better distributed attack? Don't think remote control, think "timed fuse". This is "concept code" designed to show the real danger of Windows systems being rooted en masse and used in a distributed attack scenario. Beta, no updates.

tags | remote, denial of service, root
systems | windows
MD5 | fa0b14af5de2225b1b833367357e24cc
find_ddos_v3_intel.tar.z
Posted Jan 13, 2000
Site fbi.gov

Find_ddos Version 3 (intel) - In response to a number of recent distributed denial-of-service (DDOS) attacks that have been reported, the NPIC has developed a tool to assist in combating this threat. The tool (called "find_ddos") is intended to scan a local system that is either known or suspected to contain a DDOS program. It is capable of scanning executing processes on Solaris 2.6 or later, and of scanning local files on a Solaris 2.x (or later) system. The tool will detect several known denial-of-service attack tools.

Changes: Detects tfn2k client, tfn2k daemon, trinoo daemon, trinoo master, tfn daemon, tfn client, stacheldraht master, stacheldraht client, stachelddraht demon and tfn-rush client. This new version (find_ddosV3) is now available for Solaris on Sparc or Intel platforms and will no longer improperly identify itself or any previous version as a DDOS program.
tags | denial of service, local
systems | solaris
MD5 | 22d01a06fd182104f09252cc95accee7
find_ddos_v3_sparc.tar.z
Posted Jan 13, 2000
Site fbi.gov

Find_ddos Version 3 (sparc) - In response to a number of recent distributed denial-of-service (DDOS) attacks that have been reported, the NPIC has developed a tool to assist in combating this threat. The tool (called "find_ddos") is intended to scan a local system that is either known or suspected to contain a DDOS program. It is capable of scanning executing processes on Solaris 2.6 or later, and of scanning local files on a Solaris 2.x (or later) system. The tool will detect several known denial-of-service attack tools.

Changes: Detects tfn2k client, tfn2k daemon, trinoo daemon, trinoo master, tfn daemon, tfn client, stacheldraht master, stacheldraht client, stachelddraht demon and tfn-rush client. This new version (find_ddosV3) is now available for Solaris on Sparc or Intel platforms and will no longer improperly identify itself or any previous version as a DDOS program.
tags | denial of service, local
systems | solaris
MD5 | 0ca230338f56b5d8ee6b538be77abddc
dscan-0.4.tar.gz
Posted Jan 7, 2000
Authored by Andrew Kay

A simple distributed port scanner that uses many computers to conduct a port scan which should make it harder to trace the source. This release of dscan has many improvements of the last release, for a full list see the HISTORY file in the archive. Dscan started off as proof of concept code and has now turned into a project for testing new techniques such as linked lists. This release does not come with UDP port scanning support but a patch file should be available in a few days time to add UDP support.

tags | denial of service, udp, proof of concept
MD5 | 3c2bb813c280c1a902e2f385e8c0a543
sickenscan.tar
Posted Jan 6, 2000
Authored by David Dittrich, Marcus Ranum

"gag" is a program to remotely scan for "stacheldraht" agents, which are part of an active "stacheldraht" network. It will not detect trinoo, the original Tribe Flood Network (TFN), or TFN2K agents. Tested on linux/solaris/AIX/BSD.

tags | denial of service
systems | linux, solaris, bsd, aix
MD5 | 735e6aeaeb3262d11a092a649b0b7813
find_ddosV2.tar.Z
Posted Jan 4, 2000
Site fbi.gov

Find_ddos Version 2 - In response to a number of recent distributed denial-of-service (DDOS) attacks that have been reported, the NPIC has developed a tool to assist in combating this threat. The tool (called "find_ddos") is intended to scan a local system that is either known or suspected to contain a DDOS program. It is capable of scanning executing processes on Solaris 2.6 or later, and of scanning local files on a Solaris 2.x (or later) system. The tool will detect several known denial-of-service attack tools, including the trinoo daemon, trinoo master, enhanced tfn daemon, tfn daemon, tfn client, tfn2k daemon, tfn2k client, and the tfn-rush client.

Changes: Detects TFN2k.
tags | denial of service, local
systems | solaris
MD5 | f6ec5a4d095195575468dda4adb088ed
TFN_toolkit.htm
Posted Jan 4, 2000
Authored by Randy Marchany | Site sans.org

Analysis of TFN-Style Toolkit v 1.1 - One of our systems was compromised and prompt action by the local sysadmin prevented the hackers from running their cleanup scripts. Consequently, we were able to get the toolkit that they were using against us. This toolkit contains components that are similar to what is in the TFN toolkit.

tags | denial of service, local
MD5 | 041e3e37ef839cbb8854b8a129075874
stacheldraht.analysis
Posted Jan 4, 2000
Authored by David Dittrich | Site staff.washington.edu

The following is an analysis of "stacheldraht", a distributed denial of service attack tool, based on source code from the "Tribe Flood Network" distributed denial of service attack tool. Stacheldraht (German for "barbed wire") combines features of the "trinoo" distributed denial of service tool, with those of the original TFN, and adds encryption of communication between the attacker and stacheldraht masters and automated update of the agents.

tags | denial of service
MD5 | 40a973414685d1eee7d607575441ca3a
trinokiller.c
Posted Dec 31, 1999
Site afro-productions.com

This program remotely kills trino nodes on version 1.07b2+f3 and below.

tags | denial of service
MD5 | 99ad3fbf7d8800eac6a71a083da19cb8
tfn2k.tgz
Posted Dec 20, 1999
Authored by Mixter | Site 1337.tsx.org

Tribe Flood Network 2000. Using distributed client/server functionality, stealth and encryption techniques and a variety of functions, TFN can be used to control any number of remote machines to generate on-demand, anonymous Denial Of Service attacks and remote shell access. The new and improved features in this version include Remote one-way command execution for distributed execution control, Mix attack aimed at weak routers, Targa3 attack aimed at systems with IP stack vulnerabilities, Compatibility to many UNIX systems and Windows NT, spoofed source addresses, strong CAST encryption of all client/server traffic, one-way communication protocol, messaging via random IP protocol, decoy packets, and extensive documentation. Currently no IDS software will recognise tfn2k.

tags | remote, denial of service, shell, spoof, vulnerability, protocol
systems | windows, unix, nt
MD5 | fc1cb14f2e24cdc2b64f93dde22f8420
Page 3 of 4
Back1234Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

Top Authors In Last 30 Days

Recent News

News RSS Feed
After False Hawaii Missile Notice, FCC Launches Investigation
Posted Jan 15, 2018

tags | headline, government, usa, cyberwar
MaMi Malware Targets Mac OS X DNS Settings
Posted Jan 15, 2018

tags | headline, malware, dns, fraud, apple
Meltdown-Spectre Patches Causing Issues With Industrial Companies
Posted Jan 15, 2018

tags | headline, flaw, patch, scada, intel
Oracle Still Silent On Meltdown, But Lists Patches For x86 Servers Among 233 New Fixes
Posted Jan 15, 2018

tags | headline, database, flaw, patch, oracle, intel
House Expands Warrantless Surveillance Against US Citizens
Posted Jan 12, 2018

tags | headline, government, privacy, usa, phone, spyware, nsa
Retpoline Fix Supposedly Solves Performance Hits For Spectre
Posted Jan 12, 2018

tags | headline, flaw, google, patch, intel
EMC, VMware Security Bugs Throw Gasoline On Cloud Security Fire
Posted Jan 12, 2018

tags | headline, amazon, flaw, intel
Mueller Adds DOJ Cybercrime Prosecutor To His Team
Posted Jan 12, 2018

tags | headline, government, usa, russia, cybercrime, fraud, fbi
Android Trojan Targets North Korea Defectors And Their Supporters
Posted Jan 11, 2018

tags | headline, government, malware, cyberwar, korea
Bitcoin-Crazy South Korea May Face A Ban On Trading
Posted Jan 11, 2018

tags | headline, government, bank, korea, cryptography
View More News →
packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close