[69441] in North American Network Operators' Group
Re: Packet anonymity is the problem?
daemon@ATHENA.MIT.EDU (Joe Maimon)
Sun Apr 11 18:04:18 2004
Date: Sun, 11 Apr 2004 18:03:39 -0400
From: Joe Maimon <jmaimon@ttec.com>
To: nanog@merit.edu
In-Reply-To: <288389351.1081706179@[192.168.1.206]>
Errors-To: owner-nanog-outgoing@merit.edu
Jeff Workman wrote:
>
>
>
> --On Sunday, April 11, 2004 2:45 PM -0400 Joe Maimon
> <jmaimon@ttec.com> wrote:
>
>> Therefore the "good" people should beat the bad people to the punch and
>> write the worm first. Make it render the vulnerable system invulnerable
>> or if neccessary crash it/disable the port etc..... so that the "lazy"
>> administrators fix it quick without losing their hard drive contents or
>> taking out the neighborhood.
>>
>> Such "corrective" behavior as suggested by you might also be implemented
>> in such a "proactive" worm.
>>
>> How many fewer zombies would there be if this was happening?
>
>
> As I understand it, Netsky is supposed to be such a worm. Doesn't seem
> to make much of a difference, does it?
>
> I thought that Nachi/Welchia was supposed to be such a worm as well,
> and it ended up doing more harm than good.
One could argue that those were implementation issues, probably
performed by people who did not know what they were doing.
>
> -J
>
> --
> Jeff Workman | jworkman@pimpworks.org | http://www.pimpworks.org
>
>
