6 files changed, 76 insertions, 0 deletions

diff --git a/security/ddos-scan/Makefile b/security/ddos-scan/Makefile
new file mode 100644
index 00000000000..cca671f85e2
--- /dev/null
+++ b/security/ddos-scan/Makefile
@@ -0,0 +1,28 @@
+# $NetBSD: Makefile,v 1.1.1.1 2000/02/11 10:47:16 agc Exp $
+#
+
+DISTNAME=	ddos_scan
+PKGNAME=	ddos-scan-20000211
+CATEGORIES=	net security x11
+MASTER_SITES=	http://staff.washington.edu/dittrich/misc/
+EXTRACT_SUFX=	.tar
+
+MAINTAINER=	packages@netbsd.org
+HOMEPAGE=	http://staff.washington.edu/dittrich/
+
+DECOMPRESS_CMD=	${CAT}
+ALL_TARGET=	default dds
+
+.include "../../mk/bsd.prefs.mk"
+
+.if ${OPSYS} == "SunOS"
+MAKE_ENV+=	CPPFLAGS=""
+.elif ${OPSYS} == "NetBSD"
+MAKE_ENV+=	LIBS=""
+.endif
+
+do-install:
+	${INSTALL_PROGRAM} ${WRKSRC}/dds ${PREFIX}/sbin/dds
+	${INSTALL_DATA} ${WRKSRC}/README ${PREFIX}/share/doc/dds
+
+.include "../../mk/bsd.pkg.mk"
diff --git a/security/ddos-scan/files/md5 b/security/ddos-scan/files/md5
new file mode 100644
index 00000000000..41083a046f4
--- /dev/null
+++ b/security/ddos-scan/files/md5
@@ -0,0 +1,3 @@
+$NetBSD: md5,v 1.1.1.1 2000/02/11 10:47:16 agc Exp $
+
+MD5 (ddos_scan.tar) = eee80e78d59de7667967e20fe57441d0
diff --git a/security/ddos-scan/pkg/COMMENT b/security/ddos-scan/pkg/COMMENT
new file mode 100644
index 00000000000..78321c9fb34
--- /dev/null
+++ b/security/ddos-scan/pkg/COMMENT
@@ -0,0 +1 @@
+scan for a limited set of distributed denial of service (ddos) agents
diff --git a/security/ddos-scan/pkg/DESCR b/security/ddos-scan/pkg/DESCR
new file mode 100644
index 00000000000..ca5e146b51d
--- /dev/null
+++ b/security/ddos-scan/pkg/DESCR
@@ -0,0 +1,22 @@
+"dds" is a program to scan for a limited set of distributed denial of
+service (ddos) agents.
+
+At present, it scans for active instances of "trinoo", "Tribe Flood
+Network" ("TFN") and "stacheldraht" agents, which were compiled
+using the default values in known source distributions, such as those
+found at:
+
+        http://packetstorm.securify.com/distributed/
+
+It will *not* detect TFN2K agents.
+
+For analyses of the three distributed denial of service attack
+tools it scans for, and the methods being used by dds to identify
+them, see:
+
+        http://staff.washington.edu/dittrich/misc/trinoo.analysis
+        http://staff.washington.edu/dittrich/misc/tfn.analysis
+        http://staff.washington.edu/dittrich/misc/stacheldraht.analysis
+
+See CHECKSUMS.asc for PGP signed MD5 checksums.
+
diff --git a/security/ddos-scan/pkg/MESSAGE b/security/ddos-scan/pkg/MESSAGE
new file mode 100644
index 00000000000..44c988d149c
--- /dev/null
+++ b/security/ddos-scan/pkg/MESSAGE
@@ -0,0 +1,19 @@
+LEGALESE
+========
+
+This software should only be used in compliance with all applicable laws and
+the policies and preferences of the owners of any networks, systems, or hosts
+scanned with the software
+
+The developers and licensors of the software provide the software on an "as
+is" basis, excluding all express or implied warranties, and will not be liable
+for any damages arising out of or relating to use of the software.
+
+THIS SOFTWARE IS MADE AVAILABLE "AS IS", AND THE UNIVERSITY OF WASHINGTON
+DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, WITH REGARD TO THIS SOFTWARE,
+INCLUDING WITHOUT LIMITATION ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND
+FITNESS FOR A PARTICULAR PURPOSE, AND IN NO EVENT SHALL THE UNIVERSITY OF
+WASHINGTON BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY
+DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ACTION OF CONTRACT, TORT (INCLUDING NEGLIGENCE) OR STRICT LIABILITY, ARISING
+OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
diff --git a/security/ddos-scan/pkg/PLIST b/security/ddos-scan/pkg/PLIST
new file mode 100644
index 00000000000..9af1115c144
--- /dev/null
+++ b/security/ddos-scan/pkg/PLIST
@@ -0,0 +1,3 @@
+@comment $NetBSD: PLIST,v 1.1.1.1 2000/02/11 10:47:16 agc Exp $
+sbin/dds
+share/doc/dds