Full Disclosure mailing list archives
RE: The 'good worm' from HP
From: "Todd Towles" <toddtowles () brookshires com>
Date: Sat, 21 Aug 2004 19:57:53 -0500
Allan is right. I didn't notice people calling it a worm. It is suppose to be a patch management product that will actually use the expolit hole to patch the box. It is a controlled problem and should be used only on computers control by the corporation that owns the software. But is it still a good idea...I don't think so. Exploiting stuff sometimes crashes systems and could corrupt stuff. Why do it that way, when you could just apply a patch directly. -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of fulldisclosure () wateraxe demon nl Sent: Saturday, August 21, 2004 4:07 AM To: full-disclosure () lists netsys com Subject: RE: [Full-disclosure] The 'good worm' from HP -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I really don't KNOW what HP is doing, but I would assume that it's just a 'product' and not a worm. Meaning, you can probably setup 1 system on your network that scans a specified range (for example only your workstations if you're worried about your servers getting autopatched). So any machines that are somehow not picked up by your normal patch management system (maybe it's not a member of your domain ..) will still get patched. I also assume they will not 'infect' any machines to use them to scan further (ie worm behaviour). I'm not saying this is all good or bad, but I was reading this thread and it seems you are all expecting HP to just let this loose on the internet. Allan [snip] I hope the HP folk have read it and thought very carefully about all this... (Sadly the media reports are too "light and fluffy" to make anything sensible of what HP is really proposing.) [/snip] - - -- Nick FitzGerald Computer Virus Consulting Ltd. Ph/FAX: +64 3 3529854 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html -----BEGIN PGP SIGNATURE----- Version: PGP 8.0.3 iQA/AwUBQScQtpNqa4mRthN9EQL1lwCfb594IT8yK46290dA7VGw1Gw/YcQAn0O3 16uV3oCHHymuvCGUqHPoY4uc =+HGg -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: The 'good worm' from HP, (continued)
- Re: The 'good worm' from HP Nick FitzGerald (Aug 20)
- RE: The 'good worm' from HP fulldisclosure (Aug 21)
- Re: The 'good worm' from HP michael williamson (Aug 21)
- Re: The 'good worm' from HP Maarten (Aug 21)
- Re: The 'good worm' from HP michael williamson (Aug 21)
- Re: The 'good worm' from HP Nick FitzGerald (Aug 20)
- Re: The 'good worm' from HP Bart . Lansing (Aug 23)
- RE: The 'good worm' from HP Nick FitzGerald (Aug 20)
- RE: The 'good worm' from HP joe (Aug 22)
- Re: The 'good worm' from HP The Central Scroutinizer (Aug 22)
- Re: The 'good worm' from HP stephane nasdrovisky (Aug 23)
- Re: The 'good worm' from HP Valdis . Kletnieks (Aug 23)
- RE: !SPAM! RE: The 'good worm' from HP Yaakov Yehudi (Aug 24)