Trinoo

From Wikipedia, the free encyclopedia

The trinoo or trin00 is a set of computer programs to conduct a DDoS attack. It is believed that trinoo networks has been set up on thousands of systems on the Internet that have been compromised by remote buffer overrun exploit[1].

First suspected trinoo attacks are described in CERT Incident Note 99-04

Trinoo is famous for allowing attackers to leave a message in a folder called cry_baby. The file is self replicating and is modified on a regular basis as long as port 80 is active.