"DoSTrack v2.0
1997 MCI Telecommunications
Code is available at: ftp://ftp.mci.net/outgoing/dostrack742812.tar
DoSTracker WEB PAGE is at http://www.security.mci.net/dostracker"
However, I was unable to get this to function properly with my Cisco. It
never got past the "Password:" prompt. Any ideas?
I had to modify code to parse the password file. I did not try to
determine if this was because I wasn't using the recommended
hardware/software platform, or because the tool was created to work
with a MCI specific environment.
Darin
While I can't comment on this specific problem, MCI's dostracker doesn't
work if you are running DCEF. This makes dostracker useless in many
networks.
-dorian
Then you damn well better not be permitting any of the following:
1) Forged source addresses (this CAN be stopped with specific filters
on your interfaces, although some will bitch about the performance
impact - depending on their specific choices)
2) Directed broadcasts (which are used to "create" these DOS attacks by
bouncing the attack off a particularly-well-connected location,
USUALLY a provider's internal infrastructure).
Block both of those and Smurfs would disappear. If you can trace the TRUE
source of such an attack quickly, people will go to jail for this. The only
reason they are popular is because the source addresses CAN be forged.
THIS CAN BE PREVENTED.