Kinda new to this, so please bare with me if this has been done/dismissed/outlawed:
I'm the admin of a small (50+) network in a graphic design house. We've got our firewall, we use snort for NIDS, but I want to take things to the next step...a proactive defense, if you will.
I'm interested in writing, or aquiring, a nasty little virus to live contently in all of our workstations and servers. All of our hardware would be "innoculated" to prevent the little beastie from bothering us, but once an "outsider" has compromised our attempts to keep our LAN secure, that little bugger will go to work.
I'm not proposing anything malicious here, just a buggy (but polite) message that says "If you want this message to go away, please contact xxxxxx at yyy-yyy-yyyy. Your computer will now shut down."
I'm already advertising that this system is in place...our clients, and vendors are aware that if they were to come across such a message, they should pop in the provided "Innoculation CD" (filled with pure gibberish). I suppose that if this were ever put in place, I would have to distribute "updates". I figured this would also buy me some time if the (insert your favorite acronym here) came knocking at our door with a search warrant.
Slashdot Mirror
Kinda new to this, so please bare with me if this has been done/dismissed/outlawed:
I'm the admin of a small (50+) network in a graphic design house. We've got our firewall, we use snort for NIDS, but I want to take things to the next step...a proactive defense, if you will.
I'm interested in writing, or aquiring, a nasty little virus to live contently in all of our workstations and servers. All of our hardware would be "innoculated" to prevent the little beastie from bothering us, but once an "outsider" has compromised our attempts to keep our LAN secure, that little bugger will go to work.
I'm not proposing anything malicious here, just a buggy (but polite) message that says "If you want this message to go away, please contact xxxxxx at yyy-yyy-yyyy. Your computer will now shut down."
I'm already advertising that this system is in place...our clients, and vendors are aware that if they were to come across such a message, they should pop in the provided "Innoculation CD" (filled with pure gibberish). I suppose that if this were ever put in place, I would have to distribute "updates". I figured this would also buy me some time if the (insert your favorite acronym here) came knocking at our door with a search warrant.
Been-there-done-that, or am I on to something?