Those binaries have been there for about a month, the same time as the Feds published the "trinoo" alert (about half a year late, but who's counting). This page has the date: http://www.fbi.gov/nipc/welcome.htm Somehow I doubt that the NIPC wrote the code. -Declan At 10:44 2/10/2000 -0600, Rodney Caston wrote:
I'm not sure if this is news or not, but looking at http://www.fbi.gov/nipc/trinoo.htm - it seems the NIPC has released binaries, (no source code, the jerks), for tools to detect if a box has trin00, tribal flood net, tfn2k and some other DDoSD's on it.
So far they have a sparc solaris, intel solaris, and x86 linux binary for download. While I am shocked to see a government agency writing potentially usefull code so quickly, I am dissappointed they didn't release their source code so it can be ported to say.. FreeBSD? .. AIX .. HP/UX ... and so on...
Rodney Caston Southwestern Bell Internet Services