Slashdot Mirror

← Back to Stories (view on slashdot.org)

Internet Immunization

Posted by Zonk on from the nature-saves-us-from-leet-haxxors dept.

xav_jones writes "Nature.com reports on computer experts from Israel who are proposing a different strategy for combating fast-spreading worms and viruses -- one in which the fix can, theoretically, keep up with or stay ahead of the malicious code. They 'propose a system in which a few honeypot computers lie in wait for viruses. These computers run automated software that first identifies the virus, and then sends out its signature across the Internet. This enables a sentinel program on all the other computers in the network to identify the virus and bar it before it can attack them.' The honeypot computers would reside in a secure, dedicated network. For 'roughly 200 million computers ... [with] just 800,000 [(0.004%)] of them acting as honeypots [it] would restrict a viral outbreak to 2,000 machines.'"

9 of 229 comments (clear)

  1. A fine idea . . . by taustin · · Score: 5, Insightful

    Except that no system is prefectly secure.

    And once someone finds a hole in this magic system, it will become the most effective means of distributing viruses ever invented.

  2. Huh?!? by Locke2005 · · Score: 4, Insightful

    The honeypot computers would reside in a secure, dedicated network Wouldn't that make it just a little difficult for the honeypots to contract a virus? Or is this some new definition of the word "secure" that I'm not familiar with?

    --
    I've abandoned my search for truth; now I'm just looking for some useful delusions.
    1. Re:Huh?!? by Krach42 · · Score: 4, Insightful

      I'm actually more worried that, if this secure and seperate network is easily identifiable, that one could avoid it simply by saying for example: "Don't attempt to infect any machines in the network 128.123.x.x"

      --

      I am unamerican, and proud of it!
  3. and who foots the bill... by SpectralDesign · · Score: 3, Insightful

    ...for the ~1 million honey-pots, their connectivity, and their management?

    --
    Be who you are and say what you feel, because those who mind don't matter and those who matter don't mind. - Dr. Seuss
  4. Didn't we try this with Spam? by thisissilly · · Score: 4, Insightful

    So now, instead of getting spam for viagra, I get spam for v1agra, vi4gra, vyagra, viegra, etc.

    Virus writers will just add mutational code to their virius, so each instance of infection will have a unique signature.

  5. 1+1=11 by glaswegian · · Score: 5, Insightful
    For 'roughly 200 million computers ... [with] just 800,000 [(0.004%)] of them acting as honeypots [it] would restrict a viral outbreak to 2,000 machines.'

    I make it 0.4% ...

  6. i got it! by ajdowntown · · Score: 3, Insightful

    Ok, I think i figured it out!

    If I find out a way to infect the singal the honeypots are sending out, then I can infect even more people, because the people relying on the honeypot machines won't be running anti-virus programs themselves.

    Hmm, that would be fun!

  7. Load Of Dung by Spinlock_1977 · · Score: 5, Insightful

    I like the magic part where this incredibly advanced piece of software figures out that the machine has been infected. It's so smart, in fact, it can figure out what viral signature can uniquely identify it.

    Ya know, if ya had some code that could reliably identify virii without signatures, wouldn't we all be running *that* on all our desktops?

    --
    - The Kessel run is for nerf herders. I can circumnavigate the entire Central Finite Curve in a lot less than 12 parse
  8. honeypot on secure network? by Eric+Smith · · Score: 4, Insightful
    The honeypot computers would reside in a secure, dedicated network.
    Doesn't that defeat the purpose? Don't they need to be on an insecure network to collect samples of the malware?