[Gllug] Code Red worm sleeps?
kim at aldigital.co.uk
kim at aldigital.co.uk
Wed Aug 1 18:40:40 UTC 2001
> > Any machine from which an attack originates is
> > unpatched and vunerable.
> > How about a counter-virus which would utilise the
> > known vunerability on the
> > attacking machine to both wipe out the worm from
> > that machine, and install
> > the patch (or something smaller and simpler, maybe)
> > such that the machine is
> > then no longer vunerable?
> >
> Wouldn't it be better to write a virus that exploits
> this 'automatic remote update feature' deletes windows
> completely and powers down or installs linux. Problem
> sovled either way.
i think that removing the update feature, shuting down the
nic and uninstalling the device drivers would sufice.
as if they'd know anyway? besides it'd bring it up to its
maximum security level (C5) with a keyboard and floppy
attached.
yours,
kim
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list