Slashdot Mirror

← Back to Stories (view on slashdot.org)

Good Network Worms Made Simple

Posted by samzenpus on from the what-could-go-wrong dept.

grabbag writes "Dave Aitel is pitching new technology to create "nematodes," or beneficial network worms for use in large businesses. The idea is to set up a new language and structure to create "strictly controlled" good worms on the fly. A research-type demo was given as the Hack in the Box conference where Aitel talked about a world where "strictly controlled" nematodes are used by ISPs, government organizations and large companies to show significant cost savings."

7 of 137 comments (clear)

  1. Re:distributed processing by Koushiro · · Score: 2, Informative

    RTFS. This proposal is intended for use within large businesses: the idea is to automate and improve maintenance of their internal network, not something they'd just unleash on the Internet.

    --
    Karma: Oldschool
  2. Intelligent managed networks? by jeffs72 · · Score: 3, Informative
    It would be cool if you could have these worms each perform certain functions (one to better manage spanning-tree for instance, so when a link fails spanning tree rebuilds faster for example) with some sort of AI, or really even a really good base line vs current activity comparison machine, to intelligently manage WANs and LANs.

    Be nice to have worms that watch for machines all the sudden opening ports that they never have before, all the sudden opening up multicast or what not, or even finding that bad machine sending out bad frames on the network.

    I can see a lot of flexibility with this, particularly if they are written in some sort of open source scripting language. I guess what I'm getting at is that they could be sort of like an open source distributed IDS/IDP system.

    Granted you can do all these things now with a mix of expensive monitoring tools and a lot of config work with tools like ethereal and mrtg and big brother/big sister, etc. But this might be an easier way to do the same thing.

    neato

    --
    This article has recently been linked from Slashdot. Please keep an eye on the page history for errors or vandalism.
  3. Produce? by mlibby · · Score: 2, Informative

    The worm IS the Spice... the Spice IS the worm

  4. and here is a link by mustafap · · Score: 3, Informative

    http://catless.ncl.ac.uk/Risks/16.28.html#subj3

    --
    Open Source Drum Kit, LPLC deve board - mjhdesigns.com
  5. Re:distributed processing by halcyon1234 · · Score: 2, Informative
    Distributed processing capabilities and distributed network monitoring capabilities would be great

    Correct me if I'm wrong, but isn't this the very thing that lead to the creation of the first worm? Some computer guys at Xerox PARC were looking for a way to distribute code/updates across a network, created a self-replicating program, then dubbed it "worm" after a John Brunner novel?

    So, not only is this not new... this is just what a worm was supposed to do in the fisrt place.

    --
    UTF-8: There and Back Again
  6. Re:distributed processing by 'nother+poster · · Score: 2, Informative

    Well, whether I patch or not, who knows and/or cares? My point is that if I gey MY system the way I want it then no one has a right to mess with it. Black hat or white hat it doesn't matter. It's not their system. They have laws that include prison time and/or fines for the black hats. Will the fact that the white hats didn't MEAN to do something bad give them immunity? What about patches that break things? Automatically updating/upgrading a box can make for wonderful evenings of reinstalls/rebuilds. My time is valuable.

  7. Re:distributed processing by Egregius · · Score: 2, Informative
    Uhm...no.

    The first worms were thought experiments on breaching computer security put into practice by Fred Cohen. You're confused with 'Animal' though. Scroll down to 2 thirds for a bit of backstory on that.