Security Incidents: Re: new ddos client?

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Incidents mailing list archives

Re: new ddos client?

From: Andy Shelley <andy () cbeyond net>
Date: Fri, 7 Mar 2003 23:32:36 -0500

I bow to your superior google skills. My spanish is horrible, but myboss happens to be Puerto Rican. :-)

Checking for stde9 (the installer), you find it's pretty common amongmany of the trojans. So, this isn't entirely new work, itself. ThemIRC, the installer, even the packet streaming utility are allrecycled. It's the command/control function that might be of moreinterest.



On Friday, March 7, 2003, at 06:35 PM, Alex Lambert wrote:

Googling for columbus.private.net (the server's asserted 'name'), a few
things turn up:
http://www.google.com/search?q=%22columbus.private.net%22&hl=en&lr=&ie=UTF-8
&oe=UTF-8&safe=off&filter=0
My Spanish isn't great, but it can do DDoS and is similar toWORM_AGOBOT.C.
apl


----- Original Message -----
From: "Andy Shelley" <andy () cbeyond net>
To: <incidents () securityfocus com>
Sent: Friday, March 07, 2003 4:51 PM
Subject: new ddos client?

--
Andy Shelley
Cbeyond Communications
andy () cbeyond net


----------------------------------------------------------------------------

<Pre>Lose another weekend managing your IDS?
Take back your personal time.
15-day free trial of StillSecure Border Guard.</Pre>
<A href="http://www.securityfocus.com/stillsecure";> http://www.securityfocus.com/stillsecure </A>

By Date By Thread

Current thread:

new ddos client? Andy Shelley (Mar 07)
- Re: new ddos client? Alex Lambert (Mar 10)
  - Re: new ddos client? Andy Shelley (Mar 10)