Re: RTM (was: Re: Purging Blaster.worm

["Ken Jacobs" <kenneth_jacobs () msn com>]

I was afraid of that...

Have to go home and dig through my old books, but as I recall, it was 
'Shockwave Rider' by John Brunner. I've still got it in hardback.
I remember being surprised at the copyright date some time ago (being so 
'old').


> From: "Meritt James" <meritt_james () bah com>
> To: Ken Jacobs <kenneth_jacobs () msn com>
> CC: secmail () patchsupplier dyndns org, security-basics () securityfocus com,   
> kennethjacobs () starband net
> Subject: RTM (was: Re: Purging Blaster.worm
> Date: Thu, 14 Aug 2003 13:53:31 -0400
>
> Ken Jacobs wrote:
> >
> > What's scariest about all this?
> >
> > Back in the late 70's, early 80's, a science fiction writer wrote a 
> novel
> > that envisioned scenarios much like we see today. Much of the 
> terminology he
> > used then is in common use today, as are many of the concepts. He wrote 
> of a
> > network comparable to today's internet (or maybe that of the not so 
> distant
> > future), a variety of worms (and the idea of worms that eat other 
> worms).
> > The recent flap over the DARPA 'terrorist futures'? He mentioned a 
> 'delphic
> > lottery' - the idea that if enough people bet on potential futures 
> (similar
> > to the stock market), they'd actually accurately predict future events.
>
> Hmmmm.  The Adolescence of P1?  *title brain failure - core dump *
> Which title?
>
> > And all this back before Robert Morris' infamous worm..  (talk of 
> ancient
> > hsitory)
>
> I resent that.  I well recall the flail in November of '88.  I've been
> playing this game a while...  ;-)
>
> Jim
>
> > >From: "Meritt James" <meritt_james () bah com>
> > >To: Stuart <secmail () patchsupplier dyndns org>
> > >CC: security-basics () securityfocus com
> > >Subject: Re: Purging Blaster.worm
> > >Date: Thu, 14 Aug 2003 09:32:04 -0400
> > >
> > >Yes, it is possible.  No, it is not legal to do so.
> > >
> > >It has been done with another.  The one who did it is on jail for that
> > >reason.  Modifying systems which belong to someone else, no matter your
> > >reasons, is a no-no.
> > >
> > >Jim
> > >
> > >Stuart wrote:
> > > >
> > > >
> > > > -----BEGIN PGP SIGNED MESSAGE-----
> > > > Hash: SHA1
> > > >
> > > > Hi,
> > > >
> > > > Is it not possible to create another worm or modify this worm to
> > > > actually patch the machines? :)
> > > > Looking at the Symantec removal tool there is a silent mode.. A few
> > > > days back I was on the Microsoft site and I also saw an option for a
> > > > non interaction install for the RPC patch but looking through the
> > > > site now I cannot find it :(
> > > > The "fixing worm" could scan for 2 hours then purge itself?
> > > >
> > > > Just a thought
> > > >
> > > > Stu
> > > >
> > > > - -----Original Message-----
> > > > From: Andreas Rothlauf [mailto:security () bitgui de]
> > > > Sent: 13 August 2003 21:25
> > > > To: security-basics () securityfocus com
> > > > Subject: Re: Purging Blaster.worm
> > > >
> > > > Hi,
> > > >
> > > > JG>  Has anyone successfully purged the MSBlaster worm. There is a
> > > > tool out
> > > > JG> there that can do it but is it reliable?
> > > >
> > > > Symantec has made a tool available:
> > > > 
> http://www.symantec.com/avcenter/venc/data/w32.blaster.worm.removal.to
> > > > ol.html
> > > >
> > > > A friend told me that it works.
> > > >
> > > > greetZ //AndY
> > > >
> > > > - 
> ----------------------------------------------------------------------
> > > > - -----
> > > > - 
> ----------------------------------------------------------------------
> > > > - ------
> > > >
> > > > -----BEGIN PGP SIGNATURE-----
> > > > Version: PGP 8.0.2
> > > >
> > > > iQIVAwUBPzq4K5MRMj30dWmZAQIOCBAAy73WqYpzZSyjKb530Gefx+cJ3vhV73RN
> > > > aiFGkEtN+zaGio14/TWNNgFEDpY3DxNtbQF5GPAtw7OBV61qTsg9NOOxAJioyZV/
> > > > qftWulRdv9P7AmJ96c50ge9Gb5bVb2u6w0xIgS8pk5ButD5/z5QOOQ4mK0BRboyP
> > > > Du4EdphbMQNd6DI1cdWnQV6tX++jtMh2BnUwFSIj7WTwXIpUg4/H9PzJ/TZYx5Ro
> > > > swymEnfAusWUFWCljBG0PwTdNqFwmy4LWaCHJEIH/2MJ8ZdMlvUza6nX79yn12j6
> > > > OmavfnW0uUEX5bp3w4qF9C1b/6C7ajRlzBmqX4gG5iY28fGC+BlPAJgwhndbsJaz
> > > > id9Za7LhaErG5r3gpJiPL+Xv6nv7PCwBM0p+WhX19d1Z3JUIfmbCHekifLydmwm6
> > > > bYnG5tK9oH2K3IgzmM9m5oZYOD4sf/gUrqEGI0oK5md393xdfqv/ce/mS+VvShEk
> > > > 59yuldmgV6pG8Yg5FF+bKI2lf1f35J4iWRknHEa114i3+PveJgSOtMdR71h7Rrnk
> > > > 8j829JAtN66Z8Ndf14U2mtMmKlIIkoiq6lnc5kvq5tjKjJFTODlR70VPWfT/fu7+
> > > > C+MZulc55R2ZBp4cDe0ZriNtv9rEqWykQfc2GgIxTYvYYK1M3/861cnsoPCHudVS
> > > > 37cjHXHGHds=
> > > > =eKYz
> > > > -----END PGP SIGNATURE-----
> > > >
> > > >
> > 
> >---------------------------------------------------------------------------
> > > >
> > 
> >----------------------------------------------------------------------------
> > >
> > >--
> > >James W. Meritt CISSP, CISA
> > >Booz | Allen | Hamilton
> > >phone: (410) 684-6566
> > >
> > 
> >---------------------------------------------------------------------------
> > 
> >----------------------------------------------------------------------------
> > >
> >
> > _________________________________________________________________
> > Add photos to your messages with MSN 8. Get 2 months FREE*.
> > http://join.msn.com/?page=features/featuredemail
>
> --
> James W. Meritt CISSP, CISA
> Booz | Allen | Hamilton
> phone: (410) 684-6566

_________________________________________________________________
The new MSN 8: smart spam protection and 2 months FREE*  
http://join.msn.com/?page=features/junkmail


---------------------------------------------------------------------------
----------------------------------------------------------------------------