TCP_DDOS Trin00 Attacker to Master default startup password


Code: p396

Severity: Warning


Description: This event is generated when a pong packet for the Trinoo (aka trin00) DDos suite is detected.

Impact: This may indicate a compromised system or be the prelude to a Distributed Denial of Service (DDoS) attack.

Corrective: Disconnect infected machine(s) from the network immediately. Use software to determine if a host has been compromised using a rootkit.