Skip to main content
OSTI.GOVU.S. Department of Energy Office of Scientific and Technical Information
U.S. Department of Energy
Office of Scientific and Technical Information
 

Distributed Denial of Service Tools, Trin00, Tribe Flood Network, Tribe Flood Network 2000 and Stacheldraht.

Technical Report ·
DOI:https://doi.org/10.2172/792253· OSTI ID:792253
 [1]
  1. LLNL
+ Show Author Affiliations

One type of attack on computer systems is know as a Denial of Service (DoS) attack. A DoS attack is designed to prevent legitimate users from using a system. Traditional Denial of Service attacks are done by exploiting a buffer overflow, exhausting system resources, or exploiting a system bug that results in a system that is no longer functional. In the summer of 1999, a new breed of attack has been developed called Distributed Denial of Service (DDoS) attack. Several educational and high capacity commercial sites have been affected by these DDoS attacks. A DDoS attack uses multiple machines operating in concert to attack a network or site. There is very little that can be done if you are the target of a DDoS. The nature of these attacks cause so much extra network traffic that it is difficult for legitimate traffic to reach your site while blocking the forged attacking packets. The intent of this paper is to help sites not be involved in a DDoS attack. The first tools developed to perpetrate the DDoS attack were Trin00 and Tribe Flood Network (TFN). They spawned the next generation of tools called Tribe Flood Network 2000 (TFN2K) and Stacheldraht (German for Barb Wire). These DDoS attack tools are designed to bring one or more sites down by flooding the victim with large amounts of network traffic originating at multiple locations and remotely controlled by a single client. This paper discusses how these DDoS tools work, how to detect them, and specific technical information on each individual tool. It is written with the system administrator in mind. It assumes that the reader has basic knowledge of the TCP/IP Protocol.

Research Organization:
Lawrence Livermore National Lab., CA (US)
Sponsoring Organization:
USDOE Office of Defense Programs (DP) (US)
DOE Contract Number:
W-7405-ENG-48
OSTI ID:
792253
Report Number(s):
UCRL-ID-136939-Rev-1
Country of Publication:
United States
Language:
English

Similar Records

Distributed System Intruder Tools, Trinoo and Tribe Flood Network
Technical Report · Mon Dec 20 23:00:00 EST 1999 · OSTI ID:792254
Quantifying the Spectrum of Denial-of-Service Attacks through Internet Backscatter
Journal Article · Sat Dec 31 23:00:00 EST 2016 · OSTI ID:1544376
Automatic DDoS Attack Detection on SDNs: Preprint
Conference · Tue Sep 27 00:00:00 EDT 2022 · OSTI ID:1890731

Related Subjects

99 GENERAL AND MISCELLANEOUS
BUFFERS
CAPACITY
COMPUTERS
FLOODS
TARGETS