[69440] in North American Network Operators' Group
Re: Packet anonymity is the problem?
daemon@ATHENA.MIT.EDU (Jeff Workman)
Sun Apr 11 17:57:05 2004
Date: Sun, 11 Apr 2004 17:56:19 -0400
From: Jeff Workman <jworkman@pimpworks.org>
To: nanog@merit.edu
In-Reply-To: <40799254.5050804@ttec.com>
Errors-To: owner-nanog-outgoing@merit.edu
--On Sunday, April 11, 2004 2:45 PM -0400 Joe Maimon <jmaimon@ttec.com>
wrote:
> Therefore the "good" people should beat the bad people to the punch and
> write the worm first. Make it render the vulnerable system invulnerable
> or if neccessary crash it/disable the port etc..... so that the "lazy"
> administrators fix it quick without losing their hard drive contents or
> taking out the neighborhood.
>
> Such "corrective" behavior as suggested by you might also be implemented
> in such a "proactive" worm.
>
> How many fewer zombies would there be if this was happening?
As I understand it, Netsky is supposed to be such a worm. Doesn't seem to
make much of a difference, does it?
I thought that Nachi/Welchia was supposed to be such a worm as well, and it
ended up doing more harm than good.
-J
--
Jeff Workman | jworkman@pimpworks.org | http://www.pimpworks.org
