Mstream is a new Distributed
Denial of Service (DDoS) attack tool for Linux/Unix similar
to Trin00 or TFN (Tribal Flood Network). It uses third party
systems in order to flood the targeted systems with packets
coming from forged addresses. Although containing some bugs,
Mstream has already been found in the field at a university
in the United States. Although MStream does not cause immediate
damage on a victimized host used in a DDoS attack, it is bad
security practice to allow these kind of tools to enter corporate
networks. To clean an infected system, the detected files must
be deleted. Note: For a general background on DDoS tools, refer
to the DDoS entry in Computer Associates virus encyclopedia
at: http://www.ca.com/virusinfo/encyclopedia/descriptions/ddos.htm
