Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)

From: "Michael R. Rudel" <mrr () thud pcs k12 mi us>
Date: Wed, 5 Sep 2001 23:58:57 -0400 (EDT)
On Thu, 6 Sep 2001, .MetsyS. wrote:



I estimate Code red (among many bugs AYT, Wu-FTP etc) will not be completly
eradicated for another few years anyway, ppl will reinstall the o/s and
forget the patch at some point.




(ATTN: Blue Boar.. I'm interested in possibly writing up an article on
this, I would appreciate it being let through...)


Of course, passive infection of something like Code Green would be helpful
in reducing silly errors like this. It is illegal under current law, but
that doesn't mean jack to me. Is it morally ethical? I would say so, but
many would disagree. Two wrongs don't make a right - is there such a thing
as breaking into someone's machine for the right reason? I'm open to
arguments, and would be interested in moving this to another link or a
private forum.. I think it would make a good article or webpage, and raise
a good question for the 'experts' to discuss. WE're to the point now where
this becomes a valid argument. Things like fakebo have existed in the
past .. even stuff like tcp_wrapper has the means to have built-in
countermeasures. I remember a rash of 'finger-wars' that went on a while
ago because people would set tcp_wrappers to auto-finger the machine
back... This is one of the first times we've seen something like 'Code
Green' that may be actually put into widespread use. Another question is
the legal considerations of being the author of such a 'program' (and
should you care what the implications are? do you?)... these are all
questions that may need to be raised.



Welcome to the cyberage, life is an an adventure.

Right... i'm finished my rant.

All comments, flames, suggestions, code, whatever welcome.

Have fun,
Harm none.




I'm not so interested in ranting or anything, but collecting opinions and
sharing them. I don't think this is something people should just decide
without seeing good arguments, because it could be something cool.. what
if Norton Antivirus was to ship with a Code Green-style utility? What if,
god help us, someone like Gibson were to release something like this?

Think about it.


--------------------------------------------------------
Michael R. Rudel * 734.417.4859 * mrr () mrrconsulting net
AOL AIM: ATSTheory * Cell E-Mail: page () mrrconsulting net
Technician, Pinckney Community Schools
Principal Engineer, Michael R. Rudel Consulting
--------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: