Re: AW: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)

[Markus Kern <markus-kern () gmx net>]

Steinhart Alexander wrote:
> > Clever tool with immoral, unethical and possibly illegal use.
> I would not like to discuss here the moral... It's question of the time
> and a (Anti)Worm is free, but I don't hope this a Scriptkiddy who set a
> beta version into the world...
>
> My question, whether it participates meaningful one antiworm, to let
> stop at a certain time and not with a certain percentage (I hope
> millionth... part) of found servers to "patch"?

I don't know if I've fully understood you but I think you're asking if it
wouldn't be better to make an anti-worm stop after a certain percentage
of hosts have been patched than after a certain time has passed.

Assuming that the malicious worm is scanning the net randomly the anti-worm
could monitor the frequency of intrusion attempts and shut itself down if 
the rate falls below a certain threshold.

An interesting idea I didn't think of when coding CRclean.

regards,
Markus Kern