90d213a393
around for further forensics. As with most of the DDoS tools, this assumes the agents are using the default settings.
12 lines
680 B
Text
12 lines
680 B
Text
Zombie Zapper works against Trinoo, TFN, and Stacheldraht. Assuming
|
|
that the default passwords have not been changed, you can simply use
|
|
the same commands that an attacker would use to stop the flood. On
|
|
Trinoo, it does stop the daemon entirely (although it is typically
|
|
set to be restarted by cron, silently awaiting more commands), but
|
|
on TFN and Stacheldraht the flooding just stops. This gives you the
|
|
advantage of telling the daemon to stop flooding without stopping
|
|
the daemon, allowing you to take a little more time in tracking down
|
|
where they are, and more importantly, how they got there in the first
|
|
place.
|
|
|
|
WWW: http://razor.bindview.com/tools/ZombieZapper_form.shtml
|