[Gllug] Code Red worm sleeps?
Jim Bailey
jim at lateral.net
Wed Aug 1 16:32:56 UTC 2001
On Wednesday, August 1, 2001, at 04:18 PM, Richard Cohen wrote:
>
> I just had a thought - talking to a collegue here. What would it take
> to
> write something which fit the following:
>
> Any machine from which an attack originates is unpatched and vunerable.
> How about a counter-virus which would utilise the known vunerability on
> the
> attacking machine to both wipe out the worm from that machine, and
> install
> the patch (or something smaller and simpler, maybe) such that the
> machine is
> then no longer vunerable?
>
> Purely a thought experiment, but still...
>>
I think it has already been done with the Red Hat lion worm? I don't
have the links, but if I remember the anti-viral companies were
seriously unhappy about it. if anyone has the links I would be
interested.
Thanks Jim
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/enriched
Size: 909 bytes
Desc: not available
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20010801/1b4d56e0/attachment.bin>
More information about the GLLUG
mailing list