You are here

Home

ddos_scan

Sun, 06/06/2010 - 15:21Anonymous (not verified)
Comment: 
Scans for a limited set of distributed denial of service agents
Version: 
1.6

"dds" is a program to scan for a limited set of distributed denial of
service (ddos) agents.

At present, it scans for active instances of "trinoo", "Tribe Flood
Network" ("TFN") and "stacheldraht" agents, which were compiled
using the default values in known source distributions, such as those
found at:

http://packetstorm.securify.com/distributed/

It will *not* detect TFN2K agents.

For analyses of the three distributed denial of service attack
tools it scans for, and the methods being used by dds to identify
them, see:

http://staff.washington.edu/dittrich/misc/trinoo.analysis
http://staff.washington.edu/dittrich/misc/tfn.analysis
http://staff.washington.edu/dittrich/misc/stacheldraht.analysis

md5: 
MD5 (ddos_scan.tar) = ae06b752558704a15329fc4d4097aa85
Category: 
security
Url: 
http://staff.washington.edu/dittrich/misc/ddos/