Anti-Santy Worm Patches phpBB Flaw 245
sebFlyte writes "Interesting Santy worm story -- there's now an anti-Santy worm proliferating, which spreads the same way as a normal worm, but rather than killing machines or taking control of them, it gives them security updates..." We mentioned the Santy worm about ten days ago.
White Worms (Score:3, Interesting)
Satisfaction Guarantee? (Score:2, Interesting)
Wasn't there a Welcha worm that cleaned up Blaster, and once the path was clear, it just gave you another virus?
A bit uneasy... (Score:2, Interesting)
Re:White Worms (Score:3, Interesting)
Re:Not very benificial (Score:1, Interesting)
Google wouldn't show as many results. I am a google junkie, but MSN previals in this aspect.
Anti-IE worm... (Score:5, Interesting)
Re:White Worms (Score:5, Interesting)
"If a site is infected, the worm causes a huge amount of traffic and slows down the site. I don't think it's possible to write a beneficial worm."
No such thing as a white worm (Score:5, Interesting)
Re:White Worms (Score:1, Interesting)
As others have pointed out, patching isn't always something you should do right away. In any enterprise system, you should be testing the patches and updates before you deploy them to your users. For instance, many of us wait to see if Service Pack 2 is stable before installing it. I haven't put it on my own machine yet (partly for fear of instability and partly out of laziness). If a worm came around that forced users to upgrade to SP2 right after it was released, that could be a very bad thing.
Conundrum (Score:2, Interesting)
Holes they use should never be left unpatched, even if the worm's patches are not applied.
Consider: If there was a benign strain of HIV out there that immunized you to Herpes upon infection, would you give up condoms?
Survival of the fittest (Score:4, Interesting)
Perhaps the next phase will be a virus or worm that follows genetic theory. The genetic features that would have to be modelled would be:
1) it is considered beneficial
2) it can reproduce
3) it can mutate
The successful entities would then survive, and the unsucessful mutations would die out. Survival of the fittest?
which brings up another question... (Score:4, Interesting)
Creeper and Reaper (Score:2, Interesting)
In the 1970s [google.com], Creeper was the first Internet worm, which spread among computers running the Tenex OS. Reaper, the second Internet worm, was sent to destroy copies of Creeper.
Patching not posible... or not always... (Score:2, Interesting)
I wish to know more details about how the Anti-Santy patch is done. Any URL?
A self-spreading worm it is always dangerous, another aproach, doubthly legal byut more polite is the strike back philosophy. If someone attacks you then strike back and patch them (and install other strike back worm). With this technic the infection could be reduced without increase the bandwith for all the internet.
Good Worms Bad Worms. When can we QOS these things (Score:4, Interesting)
I need a router/switch/filter that recognises worm/virus traffic for what it is and sets QOS down (or out) on such traffic. Better yet, I want my internet provider to have one. So the neighbor next door's got twelve sessions of Butt Trumpet running on his PC and more broadband in Mbps than he has brain cells to rub together, doesn't mean the pipes I use outta here need to be effected.
Niceties would be an ability to recognise interactive traffic and flag it for regular service. Not an original idea, by the by, was first mentioned in sf by John Brunner some years back.
Another project I will never get round to.
This is the end of the rant. We now return you to your regularly scheduled
Re:White Worms (Score:3, Interesting)