| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <EE035D329C16C942AE4A6F513F330E07AA1F2E@haydn.cti.depaul.edu> Date: Mon May 16 04:28:04 2005 From: cstejere at cti.depaul.edu (Stejerean, Cosmin) Subject: RE: Benign Worms (Cosmin Stejerean) >> regular patching. There might be some cases when writing a quick "worm" to >> patch rogue machines automatically might be better (especially to patch >> laptops connected to a wireless hotspot, etc) but since it is risky it > Nope.. You don't *know* that a worm will or won't actually hit that > vulnerable Laptop. It *probably* will, given enough time. > Or you can just have an attack-trained DHCP server, and *know* that laptop > will get fixed when it rears its head on the network. ;) That would be perhaps the best way to do this or as Nick was mentioning in an earlier email, have the DHCP server scan the machine, not penetrate it, then put it in a VLAN that can only access the site of the vendor to download the patch or a page on your own network mentioning that the machine is vulnerable / infected and that it needs to be patched to access your network. While not the best way to handle patch management I still think the idea of benign worms is one worth researching and experimenting with. I won't say anything else on the subject. Cosmin Stejerean -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3726 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050515/d01910ef/smime.bin
Powered by blists - more mailing lists