Few downloaded FBI tool to detect e-commerce attacks

The National Infrastructure Protection Center anticipated the kind of massive denial-of-service attacks that crippled a number of commercial electronic commerce sites last week and offered a free software tool to help detect the software "demons or zombies" used to carry out those attacks. But few Internet Service Providers or World Wide Web-based companies downloaded the tool from the NIPC Web site.

Michael Vatis, NIPC director, said the FBI-managed NIPC anticipated the denial-of-service attacks over the New Year — expecting that hackers would take advantage of Year 2000 date code concerns and confusion to launch such attacks — but few ISPs or Web sites took advantage of the availability of the tool. This "is the first time in history the FBI has given away software," Vatis said. But, prior to last week's attacks, he said "only 2,600" individuals downloaded the software.

The tool enables system administrators to detect demons or zombies that hackers surreptitiously inserted into network servers and then remotely triggered to launch the attacks last week.

Three users who downloaded the software detected the attack code, notified NIPC "and we opened cases," said Vatis, interviewed at last week's West 2000 conference in San Diego sponsored by the Armed Forces Communications and Electronics Association and the U.S. Naval Institute. Vatis declined to say what progress — if any — the FBI has made with those criminal cases. He added that he suspected that the number of downloads of the free software tool had sharply increased since the e-commerce attacks.


FBI counter-denial-of-service software

The executable file available at this page (find_ddosv31_{platform}.tar.Z) is for Solaris 2.5.1, Solaris 2.6 and Solaris 7 on SPARC or Intel platforms and Linux on Intel platforms. This file will not work on a Windows-based PC.

Files include:


SPARC Executable File (tar, compressed format)

Linux Executable File (tar, compressed format)

Intel Executable File (tar, compressed format)

Checksums (the MD5 Checksums are provided to verify the integrity of the files)

BY Bob Brewin
Feb. 14/2000 - 11:30 EST

More Related Links


  • Workforce
    Shutterstock image 1658927440 By Deliris masks in office coronavirus covid19

    White House orders federal contractors vaccinated by Dec. 8

    New COVID-19 guidance directs federal contractors and subcontractors to make sure their employees are vaccinated — the latest in a series of new vaccine requirements the White House has been rolling out in recent weeks.

  • FCW Perspectives
    remote workers (elenabsl/Shutterstock.com)

    Post-pandemic IT leadership

    The rush to maximum telework did more than showcase the importance of IT -- it also forced them to rethink their own operations.

Stay Connected