At 4:32 pm CST on February 28, 2002, monitoring programs on the Honeypot University network reported abnormal network traffic on a campus computer. The logs revealed that an intruder installed a binary executable on the computer by exploiting some unknown vulnerability. A copy of the binary was sent to the CigitalHoney Labs for investigation.
According to the analysis report released this morning, the CigitalHoney Labs was able to reveal the purpose of the binary executable and what the intruder had done on the system. The binary was identified as a Distributed Denial of Service attack tool. It was said that the tool is similar to the those used by hackers to flood Yahoo and Ebay in 1999. An analyst team in the Labs had worked through a process known as reverse-engineering to discover the binary's encoding algorithm. It was believed that the intruder made use of a system in Australia and didn't cause any serious damages to the campus computer.
The FBI is working with its counterpart in Australia to investigate the origin of the intruder.