('binary' encoding is not supported, stored as-is) In-Reply-To: <20020913135517.28304.qmailat_private> After the program "/tmp/.bugtraq" starts running, it becomes a member of a virtual network. Network members comunicate using UDP port 2002. The program can, when instructed (using udp port 2002): - Execute arbitrary commands on the machines - Route messages to other machines in the virtual network - Execute Tcp flood attacks - IPv6 Tcp flood - Dns flood attacks - Email scan ("Search in every machine file for emain addresses") - etc.... In 3 dias, about 1500 diferent IP address tried to contact my machine at UDP port 2002. Fortunally i have iptables configured. Regards Fernando Nunes Portugal N ote: To easily correlate this attack with others, here is the header of the "/tmp/.bugtraq.c" file. /************************************************************************** ** * * * Peer-to-peer UDP Distributed Denial of Service (PUD) * * by contem@efnet * * * * Virtually connects computers via the udp protocol on the * * specified port. Uses a newly created peer-to-peer protocol that * * incorperates uses on unstable or dead computers. The program is * * ran with the parameters of another ip on the virtual network. If * * running on the first computer, run with the ip 127.0.0.1 or some * * other type of local address. Ex: * * * * Computer A: ./program 127.0.0.1 * * Computer B: ./program Computer_A * * Computer C: ./program Computer_A * * Computer D: ./program Computer_C * * * * Any form of that will work. The linking process works by * * giving each computer the list of avaliable computers, then * * using a technique called broadcast segmentation combined with TCP * * like functionality to insure that another computer on the network * * receives the broadcast packet, segments it again and recreates * * the packet to send to other hosts. That technique can be used to * * support over 16 million simutaniously connected computers. * * * * Thanks to ensane and st for donating shells and test beds * * for this program. And for the admins who removed me because I * * was testing this program (you know who you are) need to watch * * their backs. * * * * I am not responsible for any harm caused by this program! * * I made this program to demonstrate peer-to-peer communication and * * should not be used in real life. It is an education program that * * should never even be ran at all, nor used in any way, shape or * * form. It is not the authors fault if it was used for any purposes * * other than educational. * * * *************************************************************************** */
This archive was generated by hypermail 2b30 : Fri Sep 13 2002 - 17:02:07 PDT