SAN FRANCISCO (05/12/2000) - A new distributed denial-of-service (DDoS) tool found recently in computers at several universities may be able to avoid defenses put up by Web sites after a rash of DDoS attacks in February temporarily shut down eBay Inc., Amazon.com Inc. and others, an executive with business software vendor Computer Associates International Inc. (CA) said today.
The tool, called "mstream," has been found at several universities, including the University of Washington, where it was sitting in a computer running a Linux operating system, Alan Komet, a Computer Associates manager, said today in a phone interview.
"It's very, very sinister," Komet said. "The code has been known for a while, but it has never been out in the wild before."
Mstream is under development with an incomplete feature set, he added.
In DDoS attacks, hackers flood Web sites by launching huge amounts of data traffic from multiple servers with one or more Internet-connected systems. The tactic essentially shuts the sites down.
While companies have taken steps to stop versions of the February DDoS attacks, such as Trinoo and TFN2K, the mstream tool incorporates new software that can avoid previous prevention and detection defenses, Komet said.
Among the security product offerings now available, Computer Associates is marketing an eTrust suite that Komet said can defend against the tool. The suite includes antivirus, intrusion detection and access control software, Komet said.
Computer Associates International, in Islandia, New York, can be reached at +1-631-342-5224 or at http://www.cai.com/.