Or you could just add a line to rid (http://theorygroup.com/Software/RID)
to send the right packet info and not worry about the response.
When I wrote the tool, I wanted to make it general enough to do such
things, and hopefully it's succeeded. Also, you can up the number of
times it sends the packet to be assured that the clients received the
message (since we're dealing w/ protocols where delivery is not
gaurenteed.)
cheers,
-david
On Tue, 15 Feb 2000, Simple Nomad wrote:
> I've written a tool for remotely telling ddos zombies to stop flooding.
> Most detectors out there will not detect during a flood (due to the
> traffic involved), so I thought trying to turn the flood off might be kind
> of nice. Like the detectors, it assumes default settings on the ddos
> daemons. Works against Trinoo, TFN, and Stacheldraht.
>
> Go to http://razor.bindview.com/ and follow the links to Zombie Zapper,
> unix and NT versions available with source code.
>
> - Simple Nomad - No rest for the Wicca'd -
> - [EMAIL PROTECTED] - www.nmrc.org -
> - [EMAIL PROTECTED] - razor.bindview.com -
>
--
#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#
David Brumley - Stanford Computer Security - [EMAIL PROTECTED]
Phone: +1-650-723-2445 WWW: http://www.stanford.edu/~dbrumley
Fax: +1-650-725-9121 PGP: finger [EMAIL PROTECTED]
#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#
c:\winnt> secure_nt.exe
Securing NT. Insert Linux boot disk to continue......
"I have opinions, my employer does not."
