Few downloaded FBI tool to detect e-commerce attacks

The National Infrastructure Protection Center anticipated the kind of massive denial-of-service attacks that crippled a number of commercial electronic commerce sites last week and offered a free software tool to help detect the software "demons or zombies" used to carry out those attacks. But few Internet Service Providers or World Wide Web-based companies downloaded the tool from the NIPC Web site.

Michael Vatis, NIPC director, said the FBI-managed NIPC anticipated the denial-of-service attacks over the New Year — expecting that hackers would take advantage of Year 2000 date code concerns and confusion to launch such attacks — but few ISPs or Web sites took advantage of the availability of the tool. This "is the first time in history the FBI has given away software," Vatis said. But, prior to last week's attacks, he said "only 2,600" individuals downloaded the software.

The tool enables system administrators to detect demons or zombies that hackers surreptitiously inserted into network servers and then remotely triggered to launch the attacks last week.

Three users who downloaded the software detected the attack code, notified NIPC "and we opened cases," said Vatis, interviewed at last week's West 2000 conference in San Diego sponsored by the Armed Forces Communications and Electronics Association and the U.S. Naval Institute. Vatis declined to say what progress — if any — the FBI has made with those criminal cases. He added that he suspected that the number of downloads of the free software tool had sharply increased since the e-commerce attacks.


FBI counter-denial-of-service software

The executable file available at this page (find_ddosv31_{platform}.tar.Z) is for Solaris 2.5.1, Solaris 2.6 and Solaris 7 on SPARC or Intel platforms and Linux on Intel platforms. This file will not work on a Windows-based PC.

Files include:


SPARC Executable File (tar, compressed format)

Linux Executable File (tar, compressed format)

Intel Executable File (tar, compressed format)

Checksums (the MD5 Checksums are provided to verify the integrity of the files)

BY Bob Brewin
Feb. 14/2000 - 11:30 EST

More Related Links


  • Cybersecurity
    Deputy Secretary of Homeland Security Alejandro Mayorkas  (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

    Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce

    The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.

  • IT Modernization
    Blue Signage and logo of the U.S. Department of Veterans Affairs

    VA plans 'strategic review' of $16B software program

    New Veterans Affairs chief Denis McDonough announced a "strategic review" of the agency's Electronic Health Record Modernization program of up to 12 weeks.

Stay Connected