Slashdot Mirror

← Back to Stories (view on slashdot.org)

Anti-Santy Worm Patches phpBB Flaw

Posted by michael on from the whether-you-like-it-or-not dept.

sebFlyte writes "Interesting Santy worm story -- there's now an anti-Santy worm proliferating, which spreads the same way as a normal worm, but rather than killing machines or taking control of them, it gives them security updates..." We mentioned the Santy worm about ten days ago.

21 of 245 comments (clear)

  1. Aren't... by Anonymous Coward · · Score: 5, Funny

    worms that remove/kill the MS OS is the same as a security patch?

    1. Re:Aren't... by Anonymous Coward · · Score: 1, Funny

      hummmm. I guess that would make my Linux admin a worm?

    2. Re:Aren't... by adlaiff6 · · Score: 2, Funny

      Only if they install linux...otherwise, it's just a blessing.

  2. hohoho by Anonymous Coward · · Score: 2, Funny

    Ho-ho-holes

  3. I can imagine explaining this... by Chemisor · · Score: 5, Funny

    "You see Mom, there are Good worms and there are Bad worms"

    1. Re:I can imagine explaining this... by krautcanman · · Score: 2, Funny

      Ralph: "And when the doctor told me I didn't have any more worms was the best day of my life."

  4. If the anti-Santy worm... by shigelojoe · · Score: 5, Funny

    ...and the Santy worm come in contact, would it cause the server to asplode in a brilliant flash of light?

  5. Re:White Worms by Texodore · · Score: 4, Funny

    I have a white worm the updates my system. It pops with the name "Automatic Updates."

  6. Good Worms, Bad Worms by mohrt · · Score: 4, Funny

    Using a worm as a way to help instead of wreak havoc, this is an interesting idea. Why don't they carry this idea over to Spam and use it to send me things I'm actually interested in?

  7. Re:Well, in that case... by ErichTheWebGuy · · Score: 5, Funny

    ...give me your IP and I will login and make sure everything is in order.

    Sure, and thanks! I appreciate it. My ip is 127.0.0.1. Let me know if you find anything worth patching!

    --
    bash: rtfm: command not found
  8. What? That doesn't exist! by Epistax · · Score: 4, Funny

    Driftwood: "It's alright, that's in every contract! That's what they call the 'Sanity Clause.'"
    Fiorello: "Ha-ha-ha-ha-ha. You can't fool me...there ain't no Sanity Clause."

  9. Re:Well, in that case... by Anonymous Coward · · Score: 5, Funny

    Oh my God! I've never seen so much child and bestiality porn! You sicken me.

  10. Updating by bredk · · Score: 1, Funny

    Perhaps this will be the new way of opensource updating..?

    --
    http://slashdot.su/
  11. Re:Concealed ends? by Anonymous Coward · · Score: 1, Funny

    Dude, you just read this on Slashdot.

    Of course it hasn't been "investigated thoroughly."

  12. Re:White Worms by Anonymous Coward · · Score: 2, Funny

    Also purple worms, when handled correctly, are a good thing. If you're wearing a ring of slow digestion you can try to get swallowed on purpose for a respite. Even better, charm one for a pet; they're very tough, superior to Archons even in the endgame. (A pet purple worm can clear out the Castle easily) Or you could always polymorph to one, assuming you have some sort of polymorph control.

    If, somehow, you get infected by a worm, or maybe Juiblex, remember to use a unicorn horn immediately, or eat some eucalyptus leaves if you have them handy. (Tip: you can generate lots by shattering boulders, stone-to-fleshing the resultant rocks and polymorphing the resulting meatballs. It may take several tries.) Or, you could cast or zap cure disease.

    Good luck fighting these worms. They are surely a menace.

    Sincerely,
    @

  13. Re:Concealed ends? by Tony+Hoyle · · Score: 3, Funny

    Heh. If it patched non-GPL code the worm victim could also be sued by the FSF!

    Even better, if it managed to infect MS source then Windows would become GPL!!

  14. Re:White Worms by jnguy · · Score: 2, Funny

    What about for worms like blaster. If an antiworm was released, it could have prevented the mass chaos that broke out on the internet, slowing everything down... I think.

  15. Re:Worm Racism? by Anonymous Coward · · Score: 1, Funny

    Of course not. I think of constructive, helpful, positive people as "white" and of destructive, harmful, negative people as "my mother-in-law Warranetta."

  16. Re:White Worms by aborchers · · Score: 2, Funny

    You miss the point. If I have a system with a vulnerability on the network that is protected by an external layer of security (e.g. a firewall or gateway that blocks access to the vulnerable service) then the machine is effectively as invulnerable as if it had been patched (with respect to traffic from outside that gateway). Example: my httpd may have a security flaw, but if I have blocked port 80 at the firewall, then no request will ever be able to exploit that it.

    It is routine security practice to test patches to ensure they do not have unintended consequences. A worm bypasses the system operator, and is therefore unacceptable.

    As I closed in the original post, the situation is highly hypothetical and it is unlikely a system under such close management would be unlikely to be in the spread vector of a worm (i.e. it's probably not running an unsafe email client or unnecessary/unmonitored services). Nonetheless, responsibility for the security of a node rests with the operator of the node. A white worm has no more right or authority to enter uninvited than any other worm or virus.

    --
    Trouble making decisions? Just flip for it.
  17. Re:White Worms by aborchers · · Score: 2, Funny

    It's not a question of building around the flaw, but of not knowing whether and testing whether the patch for the flaw will harm other, more critical services. I elaborated in a different reply:

    http://slashdot.org/comments.pl?sid=134480&cid=1 12 31983

    --
    Trouble making decisions? Just flip for it.
  18. Re:White Worms by aborchers · · Score: 2, Funny

    Aren't you making an awful lot of assumptions about the nature of the machines fixed? Is it worth it to patch 1000 spam zombies but bring down one air traffic control system?

    --
    Trouble making decisions? Just flip for it.