RE: RE: Bening Worms (Cosmin Stejerean)

["Stejerean, Cosmin" <cstejere () cti depaul edu>]

> >    You would probably only do something like this in case of an
emergency.
> > In most cases there are a lot better ways to patch management than
spreading
> > a worm of your own.

> Describe an emergency scenario where writing and testing a worm to do your
> network is superior to deploying either a honeypot back-attack-and-patch or
> centralized scan-and-patch service?

I'm not saying that this is the superior way to do it. The point I was
trying to make is that it is very risky and it should not be considered for
regular patching. There might be some cases when writing a quick "worm" to
patch rogue machines automatically might be better (especially to patch
laptops connected to a wireless hotspot, etc) but since it is risky it
should only be used in cases of emergency.

> > Perhaps the best example of how this was used and why it should be done
this
> > way unless it's an emergency is the problem with the Xerox researches in
> > 1978 that used worms to automate tasks on their network. The code was
> > corrupted and over 200 machines crashed.

> I think you meant "Why it *shouldn't* be done this way"?

Sorry, that it was I meant.

Attachment: smime.p7s
Description:

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/