DDoS Defenses (cont.)
¨Check for zombies via  “Find DDoS”  http://www.nipc.gov/warning/advisories/2000/00-44-htm
–Scans Linux and Solaris systems locally looking for Tin00, TFN, TFN2K, Mstream, Stacheldraht, and Trinity
¨Use Zombie Zapper to deactivate active zombies configured with default ports and passwords
–http://razor.bindview.com/tools/ZombieZapper_form.shtml
¨