Trinoo

Trinoo
TypeBotnet
Technical details
PlatformLinux, Solaris
Size13.6kb
Written inC
Preview warning: Page using Template:Infobox computer virus with unknown parameter "Fullname"

The trinoo or trin00 is a set of computer programs to conduct a DDoS attack. It is believed that trinoo networks have been set up on thousands of systems on the Internet that have been compromised by remote buffer overrun exploits.[1]

The first suspected trinoo attacks are described in CERT Incident Note 99–04.[2] A trinoo network has been connected to the February 2000 distributed denial of service attack on the Yahoo! website.[3]

Trinoo is famous for allowing attackers to leave a message in a folder called cry_baby. The file is self replicating and is modified on a regular basis as long as port 80 is active.

Trinoo was authored by a teenager from New Orleans who went by the alias phifli.

  1. ^ "Archived copy". Archived from the original on 2006-08-07. Retrieved 2006-07-29.{{cite web}}: CS1 maint: archived copy as title (link)
  2. ^ "CERT® Incident Note IN-99-04". CERT. April 1999. Archived from the original on October 16, 2009. Retrieved July 27, 2014.
  3. ^ Sinrod, Eric J.; William P. Reilly (May 2000). "Cyber Crimes: A Practical Approach to the Application of Federal Computer Crime Laws" (PDF 235 KB). Santa Clara Computer and High Technology Law Journal. 16 (2). California: Santa Clara University School of Law: 17. ISSN 0882-3383. Retrieved 2008-11-04.