| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon May 16 02:33:12 2005 From: cstejere at cti.depaul.edu (Stejerean, Cosmin) Subject: RE: Bening Worms (Cosmin Stejerean) >> You would probably only do something like this in case of an emergency. >> In most cases there are a lot better ways to patch management than spreading >> a worm of your own. >Describe an emergency scenario where writing and testing a worm to do your >network is superior to deploying either a honeypot back-attack-and-patch or >centralized scan-and-patch service? I'm not saying that this is the superior way to do it. The point I was trying to make is that it is very risky and it should not be considered for regular patching. There might be some cases when writing a quick "worm" to patch rogue machines automatically might be better (especially to patch laptops connected to a wireless hotspot, etc) but since it is risky it should only be used in cases of emergency. >> Perhaps the best example of how this was used and why it should be done this >> way unless it's an emergency is the problem with the Xerox researches in >> 1978 that used worms to automate tasks on their network. The code was >> corrupted and over 200 machines crashed. > I think you meant "Why it *shouldn't* be done this way"? Sorry, that it was I meant. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3726 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050515/08ff0c78/smime.bin
Powered by blists - more mailing lists