This text file trys to explain how the DoS programs work to the point that
you know what the hell they (try) to do.

1234, it does something with ICMP packets but i cant read the header in
the c source, im just a dumb american. By CAMELEON GROUP.

ascend-foo, an echo/echo loop, if port 7 is open on the target machine one
or 2 land type attacks will keep the packets circiling and with each loop
it adds another packet to the loop in time it can take down just about
anything.  by scut / team teso

beer, Not shure what it does exactly. By Unknown

biffit, in.comsat uses UDP, and forks, so just think about it. :)
IT CAN cripple BSD boxes. (Taken from the c source.) By sygma @undernet

boink, Modified bonk.c Crashes *patched* win95/(NT?) machines. reverse
teardrop attack. by route|daemon9 & klepto

bonk, Ditto

coke, A nasty DoS for WinNT machines, i think it floods a service with
certin UDP packets causing the service to crash and take the whole machine
with it. by crank and phuzz

conseal, The way this program kills the machine happens in 2 ways
#1 If Conseal is set for "learning" mode the flooding packets from
all the different IPs and ports will cause the program to continously
attempt to write more and more new rules.  This eventually uses up
all the resources and results in a freeze and eventually a reboot.
#2 If ConSeal is set to log attacks, once again because of the number
of packets the system resources are eaten up and the machine dies.
By Noc-Wage (M.C.S.R)

dcd3c, Not a goddamn clue, by Volatile

fawx, Sends oversized fragmented IGMP packets to a box  
either making it freeze (WinNT/9x), or lagging    
it to hell and back. Since most win32 firewalls   
dont support IGMP, the attack successfully        
penetrates into the system, making it much more
effective than an ICMP attack which is likely to  
be filtered. by ben-z

foqerc, (taken from source) /* Here's some gay source code that sends
pheared messages to CR <1.5 servers --REwT *

gewese(5), An identd flooder, should fuck mirc right into submission. by
napster

ice, linux equiv to click nuker, sends spoofed icmp unreachable messages
to irc server or user causing one of them to disconnect from one another.
by ice-man

jolt, (Taken from source)
 * Ok so all this does is build a really fraggmented over sized packet
 * and once win95 gets it, and puts it back together it locks.  I send
 * multiple packets by default cause some times it takes a few packets to
 * totally freeze the host.  Maybe its spending processor time to figure
 * out how to put them back together?
by Jeff w. Roberson

kkill, It will close almost any door of inetd. by kbyte

koc, igmp attack explained above, by klepto/defile

kox, ditto.

kod, ditto.

pimp(2), same as above but much better.

land, Windows95 freaks when a tcp packet is sent from the same host to the
same port (Older linux and some old BSD too) by FLC, m3lt (Legendary)

misfrag, self explanitory, by misteri0

mutilate, (Octopus rip) 
 * This is a port mutilator, connects as      *
 * many times as possible to a port resulting *
 * in a DoS attack or lag kill. Run it on     *
 * a small FTP server or telnet server and    *
 * watch the daemons fall....                 *
By HoGs HeaD

nestea,
 * This exploits the "off by one ip header" bug in the linux ip frag code.
 * Crashes linux 2.0.* and 2.1.*  and some windows boxes
By humble (Humble is my god)

newtear,
 *  Exploits the overlapping IP fragment bug present in all Linux kernels 
and NT 4.0 / Windows 95 (others?)
By route

octopus,
/*  This little program opens as many sockets with a remote
 *  host as can be supported by both.  It catches ^C and kill
 *  commands to shut down cleanly by closing all open connections
 *  before exiting.  Often, a remote workstation can be brought
 *  to its knees by saturating its process table via multiple
 *  invocations of sendmail.  That's why port 25 (the sendmail
 *  port) is the default.  If the target's process table (set
 *  when the target kernel was created) is filled, users will be
 *  unable to execute any shell commands.  Many MUDs also crash
 *  when the number of sockets they have open exceeds a certain
 *  number.  
By Unknown

orgasm,
lame port flooder By napster/Aut0psy

overdrop, teardrop variant. by lcamtuf

pepsi, classic udp port flooder. by Soldier@data-t.org

rape, no discription, no author (Cryptic aint it)

spiffit, biffit clone (with nice workaround), by neophyte

ssping, oversized ping (Ping of Death, POD), by Unknown

syndrop,  *  stomp on M$ SYN sequence bug and the teardrop frag fuckup at
same time!
 *  tcp instead of udp
 *
 *  based on: Newtear.c
by, PineKoan

synful, syn flooder, by \\StOrM\\

synk4, THE syn flooder. by Zakath

targa(2), interface to 8
   multi-platform remote denial of service exploits
by Mixter (My idol)

targa3,
 * IP stack penetration tool / 'exploit generator'
 * Sends combinations of uncommon IP packets to hosts
 * to generate attacks using invalid fragmentation, protocol,
 * packet size, header values, options, offsets, tcp segments,
 * routing flags, and other unknown/unexpected packet values.
 * Useful for testing IP stacks, routers, firewalls, NIDS,
 * etc. for stability and reactions to unexpected packets.
 * Some of these packets might not pass through routers with
 * filtering enabled - tests with source and destination host
 * on the same ethernet segment gives best effects.
by mixter

teardrop, see newtear, by route (Legendary)

trash(2), /* Simple denial of service attack against Windows98/95/2000/NT
Machines
   Overview: sends random, spoofed, ICMP packets with randomly choosen
   ICMP error codes.
   Result: Freezes the users machine or a CPU usage will rise to extreme
   lag.
by misteri0

udpdata, ascend-foo with udp twist, by unknown

winfreez, initiates ICMP/Redirect-host messages storm from router
 (use router ip). Windows will receive redirect-host messages
 and change own route table, therefore it will be frozen
 or slowly working during this time.
by delmore

winnuke, Out of band error message sender, by _eci
