DDoS attack tool-detailed analysis of TFN2K

Source: Internet
Author: User

This article is a technical analysis of the Distributed Denial of Service (DDoS) attack tool "Tribe Flood Network 2000 (TFN2K. TFN2K is a later version of TFN, a similar attack tool compiled by German famous hacker Mixter.

For more information about the analysis of distributed denial of service attack tools such as Trinoo, TFN, and Stacheldraht, see related documents.



Client-an application used to launch attacks. Attackers can use it to send various commands.

Daemon-processes running on the proxy host receive and respond to commands from the client.

Master-the host that runs the client program.

Proxy-the host that runs the daemon.

Target Host: the target of a distributed attack (host or network ).

What is TFN2K?


TFN2K uses resources of a large number of proxy hosts to conduct coordinated attacks against one or more targets. Currently, hosts on UNIX, Solaris, and Windows NT platforms on the Internet can be used for such attacks, and this tool can be easily transplanted to other system platforms.

TFN2K consists of a client on the master host and a daemon on the proxy host. The host sends a list of target hosts to the proxy. The proxy then performs a Denial-of-Service attack on the target. Multiple proxy hosts controlled by one master can collaborate in the attack process to ensure attack continuity. The network communication between the master and proxy is encrypted, and many fake data packets may be mixed. The entire TFN2K network may use different TCP, UDP, or ICMP packets for communication. In addition, the master can forge its IP address. All these features make it very difficult or inefficient to develop strategies and technologies to defend against TFN2K attacks.

  • 1
  • 2
  • 3
  • 4
  • Next Page
[Content navigation]
Page 2: Jiyu 2nd page: TFN2K technical insider
Page 1: monitor TFN2K features Page 1: TFN2K Defense Policy

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.