DDoS Defenses (cont.)
¨
Check for zombies via
“Find DDoS”
http://www.nipc.gov/warning/advisories/20
00/00-44-htm
–
Scans Linux and Solaris systems locally
looking for Tin00, TFN, TFN2K, Mstream,
Stacheldraht, and Trinity
¨
Use Zombie Zapper to deactivate active
zombies configured with default ports and
passwords
–
http://razor.bindview.com/tools/ZombieZapper
_form.shtml
¨