Slashdot Mirror


Don't Forget That Worms Happen Everywhere

friday2k writes "Securityfocus has a nice column on Worms and their origin in 1988. It explains what everybody should never forget. We have dealt with *NIX worms (Sadmind, li0n, ...) and they will come back again. Maybe then the MS fanatics will laugh and say: didn't we always tell you Open Source is insecure (too?) ..."

5 of 391 comments

  1. Re:Regardless by Azog · · Score: 3, Interesting

    I know what would get worms back into the media for a long time - a Warhol Worm. You want to read something scary about worms, go read that. Be sure to read the section "A Worst Case Warhol Worm". It gives me the shivers to think about it.

    From the article: "A worst case Warhol Worm is truly frightening, capable of doing many billions of dollars in real damage and disruption. Since it can achieve complete spread in well under an hour, and could begin doing damage immediately on infecting a machine, human mediated responses offer almost no hope of stopping it."

    Complete spread in under an hour! Total destruction of infected servers!

    Whee!

    Watch for one of these coming out with the next major IIS exploit.

    --
    Torrey Hoffman (Azog)
    "HTML needs a rant tag" - Alan Cox
  2. What happens when there isn't a patch ready? by BortQ · · Score: 3, Interesting
    If you patched your systems on a quarterly basis, you would not have been vulnerable to a single one of the Linux worms.

    I'm waiting for the time when a worm comes out that exploits a vulnerability that has yet to be 'discovered'.

    All that has to happen is for a worm writer to be the first person to find a vulnerability. Then (assuming that this person is malicious) their worm would have a tremendous advantage. They would be guaranteed that every single server running that particular OS would be open to attack. If they took the time to write a really nasty worm (say it's set to replicate itself 10 times and then try and erase everything it can reach on the networks it has access to, except itself) this would quite assuredly bring a large proportion of the internet to a grinding halt.

    And you know it's got to happen some day...

    --

    A Multiplayer Strategy Game for Mac OS X, Windows, and Linux
  3. My two cents... by pi_rules · · Score: 3, Interesting
    Summary: IIS alone is providing holes for the MS platform at a rate that exceeds -every- popular *nix based product right now

    Do I have any numbers for this? Nope... I'll leave that for somebody else to dig up. I'm a BugTraq reader, and I'm amazed at the sheer number of serious IIS exploits that have recently been coming out. I haven't seen anything new in the past few weeks, which is good, but take a look at the sheer number of buffer overflows alone that have been found in IIS lately. I bet it's more, or really close, to the total number of buffer overflows found in things like sendmail, bind, apache, and even telnetd in the same time span.

    As a programmer I'm appalled here by IIS. Buffer overflows are old, but they keep coming back up. IIS is a new product, most likely written entirely in C++, which should be making the string handling much simpler than the C counterparts. These IIS holes are coming about due to either laziness, incompetence, or indifference on the MS coders' part. These aren't obscure either. You request a long URL and you overflow a buffer? C'mon here. The URL is coming from untrusted users -always-. Access point #1 into the system isn't even being looked at for possible holes... over and over.

    One would think (read: hope) that MS has got a slew of people over-looking all areas of IIS for possible buffer overflows right now. Maybe they'll actually fix some before they're found? Doubtful... given their track record of reactive security.

    Justin Buist

  4. Re:Regardless by sulli · · Score: 3, Interesting
    When was the last time you heard Linux referred to on the local news

    When IBM sprayed SF sidewalks with Linux graffiti (some is still there)

    --

    sulli
    RTFJ.
  5. Blame the language by Tom7 · · Score: 3, Interesting

    Yes, worms can happen everywhere. That's because practically all network software is written in C (or its perverse descendant, C++).

    If we were coding our network software in a secure ("safe") language (one without buffer-overflow "capabilities") such as Java, O'Caml, (or even scripting languages like Python, to an extent) we would greatly reduce our security risk. Given that these languages also typically increase productivity, it seems like a clear win to me...

    Microsoft realizes the contribution C and C++ make against stability and security; they've recently hired up a lot of famous programming language folks to work on new language technologies. Microsoft knows that large projects written in languages without sophisticated modularity constructs (i.e. C, C++) tend to get out of hand quickly. They're working to fix this! They're even working on technologies to improve the stability of device drivers through language technologies (see the Vault project, for instance).

    However, C has always been the UNIX platform's language. Will UNIX stay in the 60s as even Microsoft moves on? If so, I say it will be the "wormy" operating system family of the 21st century...