Slashdot Mirror
Fight Virus With Virus?
Insanik writes "I am not an expert with internet worms like Code Red. However, I am curious if it would be possible to create a friendly worm/virus/whatever that would fight the original by using the same security holes. For instance, I read that Code Red II opens a back door. Why not have another virus that exploited the back door, closed it, then started sending itself to other servers for a certain period of time? " The submittor raises an interesting question - is this possible? I would guess so, in theory. And while we're working on Code Red, can we send a large man to the home of my latest Sircam senders and politely "ask" them to stop clicking on virii?
Why not take the Symantec Sircam cleanup utility, patch it to make it self-propagating, and then e-mail it out with the message "Hi there! I send you this because you're a stupid fscking idiot. :)"
Got Rhinos?
The problem is that 'self defense' only exists in a situation where your personal safety is at risk - like the above scenario.
It's like asking: If someone is breaking into your house to use your coffee maker, are you allowed to kick down their door and throw away all their coffee?
Basically, you can't violate someone else's rights unless your own safety is in danger.
I agree. This past monday when i first login, my W2K told me it shut down in 2 minutes because it just installed an anti-code-red. this is itself exactly a virus: executing something without owner's consent...
This past Monday? Wow. I see your administrators take their time, don't they? Or did they wait until they'd been infected to decide that it might be time to take preventative measures?
Fire and Meat. Yummy.
It's like asking: If someone is breaking into your house to use your coffee maker, are you allowed to kick down their door and throw away all their coffee?
That's a great analogy. Mostly because of the image it conjurs.
The enemies of Democracy are
And I'd say that basically nothing bad will happen to me; I'd just get a couple hundred hosts a day knocking on my door and not getting in.
But what if you were an @home customer? Then you'd say, "well, I'd be pretty much fucked and could get 1/10 the normal bandwidth from my broadband.". I don't know Tim, but he might say, "you fucking idiot, why are you with @home?".
I didn't ask my lawyer about this, because I know exactly what he would say. "catfood," he'd say, "what happens if you don't send the white-hat virus to those hosts that are probing you?" And I'd say that basically nothing bad will happen to me; I'd just get a couple hundred hosts a day knocking on my door and not getting in. And then my lawyer would say, "and what might happen if you do send the white-hat virus out?" At which point I'd say well, I guess it's remotely possible that I might break something, and the other host's manager might notice it...
And then my lawyer would say, "Don't be an idiot. You'd be exposing yourself for no benefit to yourself, right?"
Then I'd say okay, you're right, and my lawyer would send me a bill for $300.00.
I save a lot of money by asking myself, "what would Tim the Lawyer say?"
VbScript that uninstalls MS Outlook?
JiM
---
Better Living Through Reckless Experimentation
If only this sort of thing weren't illegal where I live...