Distributed System Intruder Tools, Trinoo and Tribe Flood Network
- LLNL
Trinoo and Tribe Flood Network (TFN) are new forms of denial of Service (DOS) attacks. attacks are designed to bring down a computer or network by overloading it with a large amount of network traffic using TCP, UDP, or ICMP. In the past, these attacks came from a single location and were easy to detect. Trinoo and TFN are distributed system intruder tools. These tools launch DoS attacks from multiple computer systems at a target system simultaneously. This makes the assault hard to detect and almost impossible to track to the original attacker. Because these attacks can be launched from hundreds of computers under the command of a single attacker, they are far more dangerous than any DoS attack launched from a single location. These distributed tools have only been seen on Solaris and Linux machines, but there is no reason why they could not be modified for UNIX machines. The target system can also be of any type because the attack is based on the TCP/IP architecture, not a flaw in any particular operating system (OS). CIAC considers the risks presented by these DoS tools to be high.
- Research Organization:
- Lawrence Livermore National Lab., CA (US)
- Sponsoring Organization:
- USDOE Office of Defense Programs (DP) (US)
- DOE Contract Number:
- W-7405-ENG-48
- OSTI ID:
- 792254
- Report Number(s):
- UCRL-ID-136939
- Country of Publication:
- United States
- Language:
- English
Similar Records
Distributed Denial of Service Tools, Trin00, Tribe Flood Network, Tribe Flood Network 2000 and Stacheldraht.
A Transport-Friendly NIC for Multicore-Multiprocessor Systems
Automatic DDoS Attack Detection on SDNs: Preprint
Technical Report
·
Sun Feb 13 23:00:00 EST 2000
·
OSTI ID:792253
A Transport-Friendly NIC for Multicore-Multiprocessor Systems
Journal Article
·
Sun Aug 01 00:00:00 EDT 2010
· TBD
·
OSTI ID:1967404
Automatic DDoS Attack Detection on SDNs: Preprint
Conference
·
Tue Sep 27 00:00:00 EDT 2022
·
OSTI ID:1890731