While some attackers are sophisticated enough to create their own attack code, far more commonly they use code written by others. Such code is typically built into a general, easily used package called an attack toolkit. It is very common today for attackers to bundle a large number of programs into a single archive file, often with scripts that automate its installation. This is a blended threat, as discussed in Section 4.4.2.

While there are numerous scripts that are used for scanning, compromise and infection of vulnerable machines, there are only a handful of DDoS attack tools that have been used to carry out the actual attacks. A detailed overview of these tools, along with a timeline of their appearance, is given in. DDoS attack tools mostly differ in the communication mechanism deployed between handlers and agents, and in the customizations they provide for attack traffic generation.

The following paragraphs provide a brief overview of these popular tools. The reader should bear in mind that features discussed in this overview are those that have been observed in instances of attack code detected on some infected machines. Many variations may (and will) exist that have not yet been discovered and analyzed.

Trinoo uses a handler/agent architecture, wherein an attacker sends commands to the handler via TCP and handlers and agents communicate via UDP.
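From a defender's side, the Trinoo handler/agent layout described above leaves a recognizable shape in flow records: one host that accepts a TCP control session and also exchanges UDP with many peers. The sketch below is an added example, not code from the original text or from any tool it describes; the flow records, the `classify_roles` name and the `min_agents` threshold are all assumptions made for illustration.

```python
from collections import defaultdict

# Constructed flow records (proto, src, dst) using documentation-range addresses.
FLOWS = [
    ("tcp", "198.51.100.7", "192.0.2.10"),    # control session into a suspected handler
    ("udp", "192.0.2.10", "203.0.113.21"),    # suspected handler -> peers over UDP
    ("udp", "192.0.2.10", "203.0.113.22"),
    ("udp", "192.0.2.10", "203.0.113.23"),
    ("udp", "203.0.113.21", "192.0.2.10"),    # peers answering the same host
    ("udp", "203.0.113.22", "192.0.2.10"),
    ("tcp", "198.51.100.50", "192.0.2.80"),   # ordinary TCP server, no UDP fan-out
    ("udp", "192.0.2.53", "203.0.113.99"),    # lone UDP flow, no TCP control session
]


def classify_roles(flows, min_agents=3):
    """Return hosts whose traffic matches the handler shape:
    inbound TCP from a controller plus outbound UDP to >= min_agents peers.
    min_agents is an assumed tuning knob, not a value from the text."""
    tcp_in = defaultdict(set)    # host -> sources that opened TCP to it
    udp_out = defaultdict(set)   # host -> destinations it sent UDP to
    for proto, src, dst in flows:
        if proto == "tcp":
            tcp_in[dst].add(src)
        elif proto == "udp":
            udp_out[src].add(dst)

    report = {}
    for host, peers in udp_out.items():
        if host not in tcp_in or len(peers) < min_agents:
            continue
        # Peers that also send UDP back are stronger agent candidates.
        replying = sorted(p for p in peers if host in udp_out.get(p, ()))
        report[host] = {
            "controllers": sorted(tcp_in[host]),
            "udp_peers": sorted(peers),
            "replying_peers": replying,
        }
    return report


if __name__ == "__main__":
    for host, detail in classify_roles(FLOWS).items():
        print(host, detail)
```

Hosts that legitimately pair inbound TCP with UDP fan-out, such as DNS resolvers, will match this shape too, so hits are leads for triage rather than verdicts.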