Trinoo Analysis

SYN Flood -

Analysis:
- randomize() never called
- 65534 is not complete TCP port range

Can you guess how to detect?

Previous slide Next slide Back to first slide View graphic version