Re: New Tool for DDoS Defense

From: David Brumley (dbrumleyat_private)
Date: Thu Feb 17 2000 - 09:15:13 PST

    Or you could just add a line to rid (http://theorygroup.com/Software/RID)
    to send the right packet info and not worry about the response.
    
    When I wrote the tool, I wanted to make it general enough to do such
    things, and hopefully it's succeeded.  Also, you can up the number of
    times it sends the packet to be assured that the clients received the
    message (since we're dealing w/ protocols where delivery is not
    guaranteed.)
    
    cheers,
    -david
    
    On Tue, 15 Feb 2000, Simple Nomad wrote:
    
    > I've written a tool for remotely telling ddos zombies to stop flooding.
    > Most detectors out there will not detect during a flood (due to the
    > traffic involved), so I thought trying to turn the flood off might be kind
    > of nice. Like the detectors, it assumes default settings on the ddos
    > daemons. Works against Trinoo, TFN, and Stacheldraht.
    >
    > Go to http://razor.bindview.com/ and follow the links to Zombie Zapper,
    > unix and NT versions available with source code.
    >
    > -         Simple Nomad          -  No rest for the Wicca'd  -
    > -      thegnomeat_private        -        www.nmrc.org       -
    > -  thegnomeat_private  -     razor.bindview.com    -
    >
    
    --
    #+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#
    David Brumley - Stanford Computer Security - dbrumleyat_private
    Phone: +1-650-723-2445    WWW: http://www.stanford.edu/~dbrumley
    Fax:   +1-650-725-9121    PGP: finger dbrumley-pgpat_private
    #+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#
    c:\winnt> secure_nt.exe
      Securing NT.  Insert Linux boot disk to continue......
    	    "I have opinions, my employer does not."
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:35:48 PDT