Fighting Spyware, Malware and Adware one File at a Time.
Navigation Links

Database of Spyware Home

About the Project

View the Database

Forums

Database of Spyware Site Map

Terms of Use

Carko

Overview

Summary

 

Stacheldraht v1.666 + antigl + yps distributed denial of service tool with some minor modifications. Stacheldraht consists of three parts -- a master server, a client, and an agent program -- and runs on Linux and Solaris machines. Stacheldraht performs several types of flooding attacks, and has IRC flooding options.

The original "Stacheldraht" (German for "barbed wire") DDoS tool was based upon the "Tribal Flood Network" and "trin00" DDoS tools, and added encryption of communication between the attacker and stacheldraht masters and automated update of the agents.

These DDoS tools crippled many high-profile e-commerce sites such as Yahoo!, eBay, and Amazon during February, 2000 by overwhelming these servers with enormous amounts of traffic, thus preventing legitimate requests from being fulfilled. These new tools were detected in corporate networks, as well as in personal computers with high speed network connections. The prevalence of high speed DSL and cable modem service magnifies these tools' potential effectiveness.

Alias

 Stacheldraht v1.666 (original),

Category

 DDoS: A Distributed Denial of Service (DDoS) attack is one that pits many machines against a single victim. An example is the attacks of February 2000 against some of the biggest websites. Even though these websites have a theoretical bandwidth of a gigabit/second, distributing many agents throughout the Internet flooding them with traffic can bring them down. The Internet is defenseless against these attacks. The best defense is for users everywhere to run PestPatrol, and remove DDoS clients when they are found, so that their machines are not used as attack tools. Another approach is for ISPs to do ""egress filtering"": prevent packets from going outbound that do not originate from IP addresses assigned to the ISP. This cuts down on the problem of spoofed IP addresses.

 

Origins

 

Author

 Psychoid

Others By This Author

  Litestorm.c - igmp flooder · MAN Exploit for MANPAGER environmental variable · Stacheldraht 1.666 · Tcpkill.c - multiple flags flood ·

Date of Origin

 January, 2001
 

Detection and Removal

Manual Removal

 Follow these steps to remove Carko from your machine. Begin by backing up your registry and your system, and/or setting a Restore Point, to prevent trouble if you make a mistake.

 


 
CapScrn  Capital.2201  Caption-it  Capture.dll  Card  Carko  CarpeDiem  Carrier  Cart32Scanner  CasClient  
 
Site Map 2006 © Copyright DatabaseofSpyware.com. All rights reserved. Terms of Use
Another Proud Thor Schrock Development