Distributed Denial of Service Tools, Trin00, Tribe Flood Network, Tribe Flood Network 2000 and Stacheldraht.

Criscuolo, P J

doi:10.2172/792253

Title: Distributed Denial of Service Tools, Trin00, Tribe Flood Network, Tribe Flood Network 2000 and Stacheldraht.

Technical Report · Mon Feb 14 00:00:00 EST 2000

DOI:https://doi.org/10.2172/792253· OSTI ID:792253

Criscuolo, P J

One type of attack on computer systems is know as a Denial of Service (DoS) attack. A DoS attack is designed to prevent legitimate users from using a system. Traditional Denial of Service attacks are done by exploiting a buffer overflow, exhausting system resources, or exploiting a system bug that results in a system that is no longer functional. In the summer of 1999, a new breed of attack has been developed called Distributed Denial of Service (DDoS) attack. Several educational and high capacity commercial sites have been affected by these DDoS attacks. A DDoS attack uses multiple machines operating in concert to attack a network or site. There is very little that can be done if you are the target of a DDoS. The nature of these attacks cause so much extra network traffic that it is difficult for legitimate traffic to reach your site while blocking the forged attacking packets. The intent of this paper is to help sites not be involved in a DDoS attack. The first tools developed to perpetrate the DDoS attack were Trin00 and Tribe Flood Network (TFN). They spawned the next generation of tools called Tribe Flood Network 2000 (TFN2K) and Stacheldraht (German for Barb Wire). These DDoS attack tools are designed to bring one or more sites down by flooding the victim with large amounts of network traffic originating at multiple locations and remotely controlled by a single client. This paper discusses how these DDoS tools work, how to detect them, and specific technical information on each individual tool. It is written with the system administrator in mind. It assumes that the reader has basic knowledge of the TCP/IP Protocol.

View Technical Report

Cite

Export

Save

Research Organization:: Lawrence Livermore National Lab. (LLNL), Livermore, CA (United States)

Sponsoring Organization:: USDOE Office of Defense Programs (DP) (US)

DOE Contract Number:: W-7405-Eng-48

OSTI ID:: 792253

Report Number(s):: UCRL-ID-136939-Rev-1; TRN: US200302%%502

Resource Relation:: Other Information: PBD: 14 Feb 2000

Country of Publication:: United States

Language:: English

Similar Records

Distributed System Intruder Tools, Trinoo and Tribe Flood Network

Technical Report · Tue Dec 21 00:00:00 EST 1999 · OSTI ID:792253

Criscuolo, P J; Rathbun, T

Quantifying the Spectrum of Denial-of-Service Attacks through Internet Backscatter

Journal Article · Sun Jan 01 00:00:00 EST 2017 · OSTI ID:792253

Blenn, Norbert; Ghiëtte, Vincent; Doerr, Christian

Firewall Architectures for High-Speed Networks: Final Report

Technical Report · Mon Aug 20 00:00:00 EDT 2007 · OSTI ID:792253

Fulp, Errin W

Related Subjects

99 GENERAL AND MISCELLANEOUS//MATHEMATICS, COMPUTING, AND INFORMATION SCIENCE
BUFFERS
CAPACITY
COMPUTERS
FLOODS
TARGETS

Title: Distributed Denial of Service Tools, Trin00, Tribe Flood Network, Tribe Flood Network 2000 and Stacheldraht.

Citation Formats

Similar Records

Related Subjects