Full Disclosure mailing list archives

Re: msblast DDos counter measures - a new worm to fix the problem

From: Paul Schmehl <pauls () utdallas edu>
Date: Fri, 15 Aug 2003 12:13:31 -0500

Yeah, that's just what we need. Then we get to explain to users that*some* worms are bad, and other worms are good.


NOT!!!

--On Friday, August 15, 2003 03:20:12 PM +0200 Daniel Rudolph<lists () daniel-rudolph de> wrote:

Hi,

i have an (maybe) new idea that worth discussing.

What about writing a new worm based on the well know exploit - this worm
should do something like:

- disinfect the machine from the know variants of msblast
- install the patch or at least inform the user that he should to that
- spread out like every worm does ;-)


Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

RE: msblast DDos counter measures (More Insight Maybe?) Christopher Lyon (Aug 15)
- RE: msblast DDos counter measures (More Insight Maybe?) B3r3n (Aug 15)
  - Re: msblast DDos counter measures (More Insight Maybe?) Vladimir Parkhaev (Aug 15)
- Re: msblast DDos counter measures (More Insight Maybe?) Chris Garrett (Aug 15)
  - msblast DDos counter measures - a new worm to fix the problem Daniel Rudolph (Aug 15)
    - Re: msblast DDos counter measures - a new worm to fix the problem Paul Schmehl (Aug 15)
    - Re: msblast DDos counter measures - a new worm to fix the problem Ron DuFresne (Aug 15)
- <Possible follow-ups>
- RE: msblast DDos counter measures (More Insight Maybe?) Christopher Lyon (Aug 15)
  - Re: msblast DDos counter measures (More Insight Maybe?) Vladimir Parkhaev (Aug 15)
- RE: msblast DDos counter measures (More Insight Maybe?) Christopher Lyon (Aug 15)
  - Re: msblast DDos counter measures (More Insight Maybe?) Vladimir Parkhaev (Aug 15)