| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: toddtowles at brookshires.com (Todd Towles) Subject: The 'good worm' from HP Allan is right. I didn't notice people calling it a worm. It is suppose to be a patch management product that will actually use the expolit hole to patch the box. It is a controlled problem and should be used only on computers control by the corporation that owns the software. But is it still a good idea...I don't think so. Exploiting stuff sometimes crashes systems and could corrupt stuff. Why do it that way, when you could just apply a patch directly. -----Original Message----- From: full-disclosure-admin@...ts.netsys.com [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of fulldisclosure@...eraxe.demon.nl Sent: Saturday, August 21, 2004 4:07 AM To: full-disclosure@...ts.netsys.com Subject: RE: [Full-Disclosure] The 'good worm' from HP -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I really don't KNOW what HP is doing, but I would assume that it's just a 'product' and not a worm. Meaning, you can probably setup 1 system on your network that scans a specified range (for example only your workstations if you're worried about your servers getting autopatched). So any machines that are somehow not picked up by your normal patch management system (maybe it's not a member of your domain ..) will still get patched. I also assume they will not 'infect' any machines to use them to scan further (ie worm behaviour). I'm not saying this is all good or bad, but I was reading this thread and it seems you are all expecting HP to just let this loose on the internet. Allan [snip] I hope the HP folk have read it and thought very carefully about all this... (Sadly the media reports are too "light and fluffy" to make anything sensible of what HP is really proposing.) [/snip] - - -- Nick FitzGerald Computer Virus Consulting Ltd. Ph/FAX: +64 3 3529854 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html -----BEGIN PGP SIGNATURE----- Version: PGP 8.0.3 iQA/AwUBQScQtpNqa4mRthN9EQL1lwCfb594IT8yK46290dA7VGw1Gw/YcQAn0O3 16uV3oCHHymuvCGUqHPoY4uc =+HGg -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists