Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: RTM (was: Re: Purging Blaster.worm

From: "Meritt James" <meritt_james () bah com>
Date: Thu, 14 Aug 2003 14:10:20 -0400
Ah yes - that is the one I was thinking of.  I have the thing in
paperback.  I don't recall his "tapeworm" eating other worms, but I
recall it as being a datavore.

Jim

Ken Jacobs wrote:


I was afraid of that...

Have to go home and dig through my old books, but as I recall, it was
'Shockwave Rider' by John Brunner. I've still got it in hardback.
I remember being surprised at the copyright date some time ago (being so
'old').


From: "Meritt James" <meritt_james () bah com>
To: Ken Jacobs <kenneth_jacobs () msn com>
CC: secmail () patchsupplier dyndns org, security-basics () securityfocus com,
kennethjacobs () starband net
Subject: RTM (was: Re: Purging Blaster.worm
Date: Thu, 14 Aug 2003 13:53:31 -0400

Ken Jacobs wrote:


What's scariest about all this?

Back in the late 70's, early 80's, a science fiction writer wrote a

novel

that envisioned scenarios much like we see today. Much of the

terminology he

used then is in common use today, as are many of the concepts. He wrote

of a

network comparable to today's internet (or maybe that of the not so

distant

future), a variety of worms (and the idea of worms that eat other

worms).

The recent flap over the DARPA 'terrorist futures'? He mentioned a

'delphic

lottery' - the idea that if enough people bet on potential futures

(similar

to the stock market), they'd actually accurately predict future events.


Hmmmm.  The Adolescence of P1?  *title brain failure - core dump *
Which title?


And all this back before Robert Morris' infamous worm..  (talk of

ancient

hsitory)


I resent that.  I well recall the flail in November of '88.  I've been
playing this game a while...  ;-)

Jim


From: "Meritt James" <meritt_james () bah com>
To: Stuart <secmail () patchsupplier dyndns org>
CC: security-basics () securityfocus com
Subject: Re: Purging Blaster.worm
Date: Thu, 14 Aug 2003 09:32:04 -0400

Yes, it is possible.  No, it is not legal to do so.

It has been done with another.  The one who did it is on jail for that
reason.  Modifying systems which belong to someone else, no matter your
reasons, is a no-no.

Jim

Stuart wrote:



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

Is it not possible to create another worm or modify this worm to
actually patch the machines? :)
Looking at the Symantec removal tool there is a silent mode.. A few
days back I was on the Microsoft site and I also saw an option for a
non interaction install for the RPC patch but looking through the
site now I cannot find it :(
The "fixing worm" could scan for 2 hours then purge itself?

Just a thought

Stu

- -----Original Message-----
From: Andreas Rothlauf [mailto:security () bitgui de]
Sent: 13 August 2003 21:25
To: security-basics () securityfocus com
Subject: Re: Purging Blaster.worm

Hi,

JG>  Has anyone successfully purged the MSBlaster worm. There is a
tool out
JG> there that can do it but is it reliable?

Symantec has made a tool available:


http://www.symantec.com/avcenter/venc/data/w32.blaster.worm.removal.to

ol.html

A friend told me that it works.

greetZ //AndY

-

----------------------------------------------------------------------

- -----
-

----------------------------------------------------------------------

- ------

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.2

iQIVAwUBPzq4K5MRMj30dWmZAQIOCBAAy73WqYpzZSyjKb530Gefx+cJ3vhV73RN
aiFGkEtN+zaGio14/TWNNgFEDpY3DxNtbQF5GPAtw7OBV61qTsg9NOOxAJioyZV/
qftWulRdv9P7AmJ96c50ge9Gb5bVb2u6w0xIgS8pk5ButD5/z5QOOQ4mK0BRboyP
Du4EdphbMQNd6DI1cdWnQV6tX++jtMh2BnUwFSIj7WTwXIpUg4/H9PzJ/TZYx5Ro
swymEnfAusWUFWCljBG0PwTdNqFwmy4LWaCHJEIH/2MJ8ZdMlvUza6nX79yn12j6
OmavfnW0uUEX5bp3w4qF9C1b/6C7ajRlzBmqX4gG5iY28fGC+BlPAJgwhndbsJaz
id9Za7LhaErG5r3gpJiPL+Xv6nv7PCwBM0p+WhX19d1Z3JUIfmbCHekifLydmwm6
bYnG5tK9oH2K3IgzmM9m5oZYOD4sf/gUrqEGI0oK5md393xdfqv/ce/mS+VvShEk
59yuldmgV6pG8Yg5FF+bKI2lf1f35J4iWRknHEa114i3+PveJgSOtMdR71h7Rrnk
8j829JAtN66Z8Ndf14U2mtMmKlIIkoiq6lnc5kvq5tjKjJFTODlR70VPWfT/fu7+
C+MZulc55R2ZBp4cDe0ZriNtv9rEqWykQfc2GgIxTYvYYK1M3/861cnsoPCHudVS
37cjHXHGHds=
=eKYz
-----END PGP SIGNATURE-----




---------------------------------------------------------------------------




----------------------------------------------------------------------------


--
James W. Meritt CISSP, CISA
Booz | Allen | Hamilton
phone: (410) 684-6566



---------------------------------------------------------------------------

----------------------------------------------------------------------------




_________________________________________________________________
Add photos to your messages with MSN 8. Get 2 months FREE*.
http://join.msn.com/?page=features/featuredemail


--
James W. Meritt CISSP, CISA
Booz | Allen | Hamilton
phone: (410) 684-6566


_________________________________________________________________
The new MSN 8: smart spam protection and 2 months FREE*
http://join.msn.com/?page=features/junkmail


-- 
James W. Meritt CISSP, CISA
Booz | Allen | Hamilton
phone: (410) 684-6566

---------------------------------------------------------------------------
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: