I don't care where it purports to be from, for this kind of code, I will not trust something [to not be a trojan] that I can not compile myself. This policy applies to SSH, SSL, and other security related code. I am sure that I am not the only one with this policy.
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of Rodney Caston Sent: Thursday, February 10, 2000 8:45 AM To: nanog@merit.edu Subject: FBI / NIPC released a DDoSD detection tool?
I'm not sure if this is news or not, but looking at http://www.fbi.gov/nipc/trinoo.htm - it seems the NIPC has released binaries, (no source code, the jerks), for tools to detect if a box has trin00, tribal flood net, tfn2k and some other DDoSD's on it.
So far they have a sparc solaris, intel solaris, and x86 linux binary for download. While I am shocked to see a government agency writing potentially usefull code so quickly, I am dissappointed they didn't release their source code so it can be ported to say.. FreeBSD? .. AIX .. HP/UX ... and so on...
Rodney Caston Southwestern Bell Internet Services