[Gllug] Code Red worm sleeps?

David Irvine co2cool at yahoo.com
Thu Aug 2 01:35:08 UTC 2001


--- Richard Cohen <richard at vmlinuz.org> wrote:
> On Wed, 1 Aug 2001, jim wrote:
> 
> > On Wed, 1 Aug 2001, The Flying Hamster wrote:
> > > http://markl.tech.ftech.net/codered.php3
> >
> > Thanks for that. Nice curve.
> 
> I've had 5 attacks so far today...
> 
> > > but it's not at a level which I'm interested in
> yet.
> >
> > It's certainly not the doomsday scenario that was
> predicted. I've still
> > only had the one. From an epidemiological point of
> view, what sort of
> > proportion of the population would need to be
> vulnerable for it to take
> > off properly, I wonder?
> 
> I just had a thought - talking to a collegue here. 
> What would it take to
> write something which fit the following:
> 
> Any machine from which an attack originates is
> unpatched and vunerable.
> How about a counter-virus which would utilise the
> known vunerability on the
> attacking machine to both wipe out the worm from
> that machine, and install
> the patch (or something smaller and simpler, maybe)
> such that the machine is
> then no longer vunerable?
> 
Wouldn't it be better to write a virus that exploits
this 'automatic remote update feature' deletes windows
completely and powers down or installs linux.  Problem
sovled either way.

David



=====
"Artificial Intelligence is no match for human stupitity!"


__________________________________________________
Do You Yahoo!?
Make international calls for as low as $.04/minute with Yahoo! Messenger
http://phonecard.yahoo.com/

-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug




More information about the GLLUG mailing list