index_T | Internet Denial of Service: Attack and Defense Mechanisms

Index

[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [R] [S] [T] [U] [V] [W] [Y] [Z]

t0rnkit
targa.c program
Target-based defense
"Targeting the Innocent . . . ,"
TCP banner grabbers
TCP SYN cookie approach
TCP/IP. [See also IP headers, packets, ports, protocols.]
     definition
     stack bug
Tcpdstat program
teardrop program
Technical challenges, defense
TFN (Tribe Flood Network)
     analysis
     detection of command and control 2nd
     direct commands
     features and use 2nd 3rd
     in history 2nd
     motivation to create
     predictions about development trends
     relation to blended threats
     scanning for 2nd
     size of networks
TFN2K (Tribe Flood Network 2000)
     analysis
     detection of command and control 2nd 3rd
     features and use 2nd 3rd
     in history 2nd
     portability
     relation to 1i0n worm
     relation to blended threats
"The Bad Boys of Cyberspace,"
The Coroner's Toolkit
"The Experience of Bad Behavior . . . ,"
Third-party tools. [See tools; commercial.]
Three-way handshake
Throttling
     locality principle
     packet flow
     worms
Thrower, Woody
Timeline, tools and programs development 2nd
Timeliness, attack detection
TISSEC (Transactions on Information and System Security)
Tools. [See also malware, analysis.]
    Agobot/Phatbot. [See Agobot and Phatbot.]
     auto-rooters 2nd
     automated attacks
     blended threat 2nd
     boink program
     bonk program
     combining exploits 2nd
     command and control flow
    commercial products
         active verification
         anomaly detection 2nd 3rd
         Arbor Networks
         Captus IPS
         Captus Networks Corporation
         Cisco Guard XT
         Cisco Traffic Anomaly Detector XT
         CS3, Inc.
         data collection
         filtering
         firewalls
         flooding attacks
         Lancope
         MANAnet Firewall
         MANAnet FloodWatcher
         MANAnet Linux Router
         MANAnet Reverse Firewall
         MANAnet Shield
         Mazu Enforcer
         Mazu Networks
         overview
         Peakflow
         protocol analysis
         rate limiting
         setting triggers
         StealthWatch
         summary
         traffic monitoring 2nd
         Web server protection
         Webscreen Technologies
         WS series of applications
     cron
     detecting
     disk I/O performance
     distributed scanners and sniffers
     DoS programs
     DSIT (Distributed System Intruder Tools) Workshop 2nd 3rd 4th
     encryption
     estimating attack magnitude
    evolution of
        Agobot. [See Agobot and Phatbot.]
         boink program
         bonk program
         distributed scanners and sniffers
         DSIT (Distributed System Intruder Tools) 2nd 3rd 4th
         encryption
        Phatbot. [See Agobot and Phatbot.]
        Shaft. [See Shaft.]
         sniffers
        Stacheldraht. [See Stacheldraht.]
         teardrop program
        TFN (Tribe Flood Network). [See TFN.]
        TFN2K (Tribe Flood Network 2000). [See TFN2K.]
         timeline 2nd
        trinoo. [See trinoo.]
     exploit programs
     fapi
     Firedaemon
     for agent discovery
     FTP servers
    GTbot. [See GTbot.]
     hdparm
     historical analysis
     inetd
     iostat
     IRC bots
    kaiten/knight bot. [See kaiten/knight bot.]
     mscan
    mstream. [See mstream.]
     Nessus
     netstat
     nfsstat
     NIPC scanning tool (find_ddos) 2nd
     nmap 2nd
    Phatbot. [See Phatbot.]
     PING.EXE
    Power bot. [See Power Bot.]
     processor utilization
     ps
     rape
     RID
     scanners 2nd 3rd
     Serv-U FTP
    Shaft. [See Shaft.]
     single-threaded DoS
     sniffers 2nd
    Stacheldraht. [See Stacheldraht.]
     synk4 program
     synscan program
     system log cleaners
     targa.c
     TCP banner grabbers
     teardrop program
    TFN (Tribe Flood Network). [See TFN.]
    TFN2K (Tribe Flood Network 2000). [See TFN2K.]
     top
    Trinity. [See Trinity.]
    Trinoo. [See trinoo.]
     Trojan Horse replacements
     uptime
     vmstat
     vulnerability scanner
     Warez bots
     Zombie Zapper
top 2nd
Topological changes
Tortious Interference with Business Relationship or Expectancy
Traceback
     defense approaches
     definition
     problems using
     research
Traffic
     blocking
     capture/analysis
    legitimacy. [See service differentiation.]
     policing 2nd
     volume, role in attacks
Trafficking in Passwords (18 U.S.C. §1030(a)(6))
Transactions on Information and System Security (ACM TISSEC)
Transactions on Information and System Security (TISSEC)
Trapdoor functions
Trespassing on Government Computers (18 U.S.C. §1030(a)(3))
Tribe Flood Network (TFN). [See TFN.]
Tribe Flood Network 2000 (TFN2K). [See TFN2K.]
Trinity
     analysis
     features and use
     use of IRC 2nd
trinoo
     analysis 2nd
     detection of command and control 2nd 3rd
     direct commands
     features and use 2nd
     in forensic analysis
     in history 2nd 3rd 4th
     motivation to create
     portability
     predictions about development trends 2nd
     recruitment of agents 2nd
     scanning for 2nd
     size of networks 2nd
Trojan Horse replacements
Troll
     definition
     Trolling
Turing test