| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: fulldisclosure at wateraxe.demon.nl (fulldisclosure@...eraxe.demon.nl) Subject: The 'good worm' from HP -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I really don't KNOW what HP is doing, but I would assume that it's just a 'product' and not a worm. Meaning, you can probably setup 1 system on your network that scans a specified range (for example only your workstations if you're worried about your servers getting autopatched). So any machines that are somehow not picked up by your normal patch management system (maybe it's not a member of your domain ..) will still get patched. I also assume they will not 'infect' any machines to use them to scan further (ie worm behaviour). I'm not saying this is all good or bad, but I was reading this thread and it seems you are all expecting HP to just let this loose on the internet. Allan [snip] I hope the HP folk have read it and thought very carefully about all this... (Sadly the media reports are too "light and fluffy" to make anything sensible of what HP is really proposing.) [/snip] - - -- Nick FitzGerald Computer Virus Consulting Ltd. Ph/FAX: +64 3 3529854 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html -----BEGIN PGP SIGNATURE----- Version: PGP 8.0.3 iQA/AwUBQScQtpNqa4mRthN9EQL1lwCfb594IT8yK46290dA7VGw1Gw/YcQAn0O3 16uV3oCHHymuvCGUqHPoY4uc =+HGg -----END PGP SIGNATURE-----
Powered by blists - more mailing lists