[NTLUG:Discuss] Red Worm flood on port 80

Steve Baker sjbaker1 at airmail.net
Sun Aug 5 02:34:45 CDT 2001 

Fred James wrote:
 
> I am not very good at this, but I was once given these two questions,
> which I have found helpful when I can remember them:
> (1) To decide if it is ethical, ask what it would be like if everyone
> did it.
> (2) To decide if it is moral, ask what it would be like if it were done
> to you.

You forgot the third one:

  (3) To decide if it's legal, take seven years of Law degree and
      forget rules (1) and (2).

   :-)

> Additionally, I understand that the attacks are often mounted from
> unwitting servers which have themselves be compromised.
> 
> And then I have to admit that the "blast back" approach has crossed my
> mind, too, and not without relish at the thought.

I like the idea of a counter-virus that goes in and installs the missing
patch - then trawls back through the saved email on the system to find
out who sent the infected message and spread backwards to that system to
clean it up too.  Because this anti-virus could target systems that it
KNEW were open to the exploit, it ought to be able to spread faster than
the original virus (which has to reach out randomly) - and shut itself
down automatically when it's work is done.

The concept of a computer "virus" was born (I believe) 
in an ancient SciFi book "When Harvey Was One" which postulated that when
*NORMAL* programs were transmitted over networks (this was pre-Internet),
they would occasionally be corrupted and once in a VERY long time, that
change would be an improvement and people would start to download it instead
of the original.

Sooner or later, one of these "evolved" programs would turn rogue and start
corrupting other systems deliberately (at which time they are "Viruses"),
and that people would have to learn to write "Antibody" programs to spread
around and take them out.

The author (I forget who it was) didn't forsee the possibility of some
dumb kid DELIBERATELY letting one loose on the world - and that the
principle mechanism of mutation would be even more dumb kids tweaking
the code to make it still nastier.

However, the idea of a backwards spreading antibody is a good one - but
unfortunately, it's still not legal.

Didn't I hear of such a thing having been detected in the wild some time
ago?

----------------------------- Steve Baker -------------------------------
HomeMail : <sjbaker1 at airmail.net>   WorkMail: <sjbaker at link.com>
HomePage : http://web2.airmail.net/sjbaker1
Projects : http://plib.sf.net     http://tuxaqfh.sf.net  http://tuxkart.sf.net
           http://agtoys.sf.net   http://prettypoly.sf.net
           http://freeglut.sf.net http://toobular.sf.net

More information about the Discuss mailing list