Follow Slashdot stories on Twitter

 


Forgot your password?
Close
typodupeerror
×
Security IT

Good Network Worms Made Simple 137

Posted by samzenpus from the what-could-go-wrong dept.
grabbag writes "Dave Aitel is pitching new technology to create "nematodes," or beneficial network worms for use in large businesses. The idea is to set up a new language and structure to create "strictly controlled" good worms on the fly. A research-type demo was given as the Hack in the Box conference where Aitel talked about a world where "strictly controlled" nematodes are used by ISPs, government organizations and large companies to show significant cost savings."
This discussion has been archived. No new comments can be posted.

Good Network Worms Made Simple More

Good Network Worms Made Simple

Comments Filter:

  • Wouldn't it be easier to fix things? (Score:5, Interesting)

    by photon317 ( 208409 ) on Thursday October 06, 2005 @08:14AM (#13728802)

    Rather than constructing a framework around the idea of building "beneficial" worms that work through the same exploits as real worms, and having to respond to security problems by passing around a disinfectant worm by the same (newly dicovered) vectors as the bad worms roaming your network, wouldn't it be a lot easier to fix the operating systems, networks, and the policies applied to them, such that you don't have a malicious worm problem to begin with?

  • New word, old idea. (Score:3, Interesting)

    by mustafap ( 452510 ) on Thursday October 06, 2005 @08:29AM (#13728891) Homepage

    In my day we called the 'ants'. An idea created by some chap at BT over here in Blighty.

    "Old idea,
    New name,
    15 minutes of fame."

  • Re:Problem (Score:4, Interesting)

    by leuk_he ( 194174 ) on Thursday October 06, 2005 @09:19AM (#13729222) Homepage Journal
    nearly all networks are full to the brim with idiots.

    The same goes for system administrators. The corporate network is full of idiots who think they are great admins because they can install product x. Giving these idiots self-replicating code could cause great damage beyond your imagination. Most damaging worms are damaging because some rate limiting code is not coded correctly, or simply not understood by their creators.

    Note to BOFH who is reading this with me: no i do not mean YOU.

  • Patching (Score:3, Interesting)

    by SumDog ( 466607 ) * on Thursday October 06, 2005 @02:51PM (#13733020) Homepage Journal
    I've heard of security experts stopping some worms which received their updates from geocity sites but placing an update on the geocity site that removed the worm and locking the original creator for accessing the site. The worm in effect, downloaded updates that cleaned itself.

    Although this seems like a good idea, I can't imagine pushing out worms that are beneficial. Why? Because you're still leaving the security exploit in place! Unless the beneficial worm closes the exploit, and in that case why not just release a patch in a safe an controlled manor?

    Are we starting to confuse patching, a process every good security administrator should be familiar with, with "good worms"

  • DUMB DUMB DUMB! (Score:2, Interesting)

    by TENTH SHOW JAM ( 599239 ) on Thursday October 06, 2005 @07:35PM (#13735505) Homepage
    Worms have a horrid tendancy to get out of control. I wrote one to modify some settings on my LAN. In 3 months time it had persecuted a national WAN. Fortunately it din't try to do anything that could not be fixed reasonably quickly, and I was eventually able to kill the blighter off using self extermination code. But a net worm, is NOT A GOOD WAY OF UPGRADING. the little beasies have a habit of getting out of control, no matter what you do.

    (yes I was young and stupid when I wrote the code in question and learned much from it)

Slashdot Top Deals

Anyone can make an omelet with eggs. The trick is to make one with none.

Close