Re: Internet Wide DOS Attack using IRC

From: Diane Bruce (dbat_private)
Date: Fri Oct 02 1998 - 20:11:38 PDT

Next message: Kameron Gasso: "Re: Internet Wide DOS Attack using IRC"

Previous message: Paralyse: "Re: Internet Wide DOS Attack using IRC"
Maybe in reply to: dbarba: "Internet Wide DOS Attack using IRC"
Next in thread: Kameron Gasso: "Re: Internet Wide DOS Attack using IRC"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Samuel Cossette says:
>
> I have done my own investigation about it;
>
> First it's not Back Orifice, it's another fuck*** trojan, spread by a DCC
...
> With 500 "clones" they can easily split an irc server with the command
> MOTD :irc.server.net (.do raw command).

  Funny you should mention this one. I coded up the anti-flood code
for ircd-hybrid-5.3p2. This is exactly why 5.3p2 is out.
It slows down MOTD requests plus some other requests...
Its been sucessful in preventing this attack from working.

-Dianora ircd-hybrid coder/EFnet admin
(for the curious, ftp.blackened.com/pub/irc/hybrid/ircd-hybrid-5.3p2.tar.gz)

--
Diane Bruce, http://www.db.net/~db  http://www.db.net email dbat_private
"Yeah, but it's a great picture of a toaster oven." lathrop at primenet dot com

Next message: Kameron Gasso: "Re: Internet Wide DOS Attack using IRC"
Previous message: Paralyse: "Re: Internet Wide DOS Attack using IRC"
Maybe in reply to: dbarba: "Internet Wide DOS Attack using IRC"
Next in thread: Kameron Gasso: "Re: Internet Wide DOS Attack using IRC"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:18:37 PDT