News

CERT Reports New DDoS Tool

CERT, the computer security research unit of Carnegie Mellon University (www.cmu.edu), has reported a new tool capable of being used in Distributed Denial of Service (DDoS) attacks.

The script, which has been called mstream on the Internet, consists of two binaries, an agent and a handler. The agent sits on compromised host machines, and, when activated, sends a stream of garbage pings to a prespecified IP address. The handler manages the agents, and gives instructions to the agents when a DDoS attack is desired.

Interestingly, the agent must be installed in the root directory of the host machine, but the handler can reside in any user directory. This may make tracking malicious users more difficult, once the attack is launched.

CERT (www.cert.org) considers mstream capable of launching severe DDoS attacks like the ones that crippled Yahoo! (www.yahoo.com) and E*trade (www.etrade.com). However, there is no additional functionality that makes mstream more dangerous than trinoo or tfn.

As with most DDoS tools, the best action users can take is scan their machines for the presence of the agent on their networks, to ensure that their machines are not used as hosts.

Users can find the full report at http://www.cert.org/incident_notes/IN-2000-05.html - Christopher McConnell

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

Featured

  • Microsoft Warns IT Pros on Windows Netlogon Fix Coming Next Month

    Microsoft on Thursday issued a reminder to organizations to ensure that their systems are properly patched for a "Critical"-rated Windows Netlogon vulnerability before next month's "update Tuesday" patch distribution arrives.

  • Microsoft Nudging Skype for Business Users to Teams

    Microsoft on Thursday announced some perks and prods for Skype for Business unified communications users, with the aim of moving them to the Microsoft Teams collaboration service instead.

  • How To Improve Windows 10's Sound and Video Quality

    Windows 10 comes with built-in tools that can help users get the most out of their sound and video hardware.

  • Microsoft Offers More 'Solorigate' Advice Using Microsoft 365 Defender Tools

    Microsoft issued yet another article with advice on how to use its Microsoft 365 Defender suite of tools to protect against "Solorigate" advanced persistent threat types of attacks in a Thursday announcement.

comments powered by Disqus