What Does a Spreading Worm Look Like?

quibbs0 writes "When a new worm spreads around the world, people want to know if they are protected. How fast is it? How does it spread? A new simulation program developed by Symantec Research Labs not only has the answers, it also provides pictures."

launching a windows executable from a link

[codepunk]

That is exactly what it looks like, a windows executable installer launched off of a web page with unknow origin.

Fastest way to spread a worm...

[D4MO]

Linking directly to an MSI file in a slashdot story.

Appropriate packaging

[PowerBert]

It's good to see the worm simulator is only slightly less platform independant than your average worm.

Perhaps Symantec figure the only ones who would want to look at a spreading worm are those most affected by it??

Snake Oil for sale

[Marcus+Erroneous]

Is it just me or do others see some issues with the people who provide the cure also providing the pictures documenting the severity of the infection? Symantec, for one, has already been slammed for sounding the alarms and hyping the dangers in order to elevate the demand for their product. Now I'm to trust their software that shows dramatic footage!! of these insidious worms assaulting the world as we know it.
Next you'll probably want me to go ask the Bush camp if we should invade Iran or the Democrats if we should repeal the two term law and re-elect Clinton again. On my way I'll stop by the car dealership and see if my current car is okay or if I should get a new one just to be safe.

Re:Snake Oil for sale

[utexaspunk]

while i agree that the antivirus companies have some dubious tactics, i dunno if this is really all that inappropriate. people studying diseases often study transmission patterns and infection rates, but we don't accuse them of any impropriety. you'd expect an oncologist to have some decent pictures of a cancer spreading, wouldn't you?

Re:Snake Oil for sale

[iritant]

On its own I wouldn't discount what Semantec says. However, "simulations" generally involve models, and those models have assumptions. What are the assumptions in this model, I wonder? We already know that a virus can travel roughly at the speed of a disk drive's ability to write.

It would be more interesting to see a study of computer-based virii versus biological ones. How about some real epidemiologists take a crack at it? Perhaps they already have..

Anyone? Anyone? Bueller?

*Yawn*

[mattmentecky]

I guess it's a nifty little cute program in a non-technical sense. But I see nothing more here than a program that (at least seemingly) arbitrarily places a red dot on a spinning globe biased to developed nations along a timeline where you can load up various "different worms" which frankly all look the same. I would say this is one step up from a clunky/dorky flash. It would have been nice if it was at all a little bit more technical.

Re:*Yawn*

[-brazil-]

If they look all the same to you, you didn't look at all of them. The Slammer looks radically different from all the others. Due to its tiny size and rapid mode of travel (UDP packets sent to random IP numbers), it spread extremely quickly to nearly all vulnerable systems - but only relatively few systems (those running MS SQL server) were vulnerable.

Goodbye Slashdot.

[shippo]

I've been reading (and occasionally posting) to Slashdot for years.

However this farcical link to a .MSI file has convinced me that you are now just a bunch of clueless morons.

Goodbye.

Re:Goodbye Slashdot.

[utexaspunk]

and all the comments mentioning the stupidity of the .msi link didn't make us not morons? everyone agrees the editors suck, but i think it's safe to say most of us don't come here for the quality articles. most of us don't even read them! we're here for the discussion.

anyway, don't let the door hit you on the way out!

Agent USA

[Sporkinum]

Agent USA was the original virus simulator. It was a game for the Atari 800 in 1985.

From TFA

[Laurentiu]

The Worm Simulator will be rolled out initially to members of the Symantec Sales organization for demonstrations to enterprise customers. In addition, the Worm Simulator could become a future television star during news coverage of worm outbreaks, enabling viewers to watch a virus as it spreads. Symantec Security Response intends to use the simulator for TV appearances as well.

Translation:
We invented a new, computer-assisted sales pitcher. It could also be used as a FUD spreader on TV.

You mean...

[hummassa]

A linux binary that could chmod +x itself, and then execute? Preferently as root, so it can open a port in the iptables firewall? :-) Yeah, I didn't think so either.

Re:end to end linkage

[daniel_mcl]

Another reason is that the Windows architecture, unlike Linux or the BSD core of OS X, was never designed to be used in network or multiuser settings and even now that NT-based systems are the norm the old DOS mentality prevails. A large number of the exploits in Windows are based on the ability to embed executable code in pretty much anything that should not have executable code in it -- word processor documents, emails, etc.

It's not hard at all to find whatever flavor of UNIX system you want in huge concentrations; sites such as Yahoo and Google run huge farms of them, for instance, as do most research institutions. If one of these was to be infected with a worm you can be sure it'd spread pretty quickly.