Good Network Worms Made Simple 137
grabbag writes "Dave Aitel is pitching new technology to create "nematodes," or beneficial network worms for use in large businesses. The idea is to set up a new language and structure to create "strictly controlled" good worms on the fly. A research-type demo was given as the Hack in the Box conference where Aitel talked about a world where "strictly controlled" nematodes are used by ISPs, government organizations and large companies to show significant cost savings."
Wouldn't it be easier to fix things? (Score:5, Interesting)
Rather than constructing a framework around the idea of building "beneficial" worms that work through the same exploits as real worms, and having to respond to security problems by passing around a disinfectant worm by the same (newly dicovered) vectors as the bad worms roaming your network, wouldn't it be a lot easier to fix the operating systems, networks, and the policies applied to them, such that you don't have a malicious worm problem to begin with?
New word, old idea. (Score:3, Interesting)
In my day we called the 'ants'. An idea created by some chap at BT over here in Blighty.
"Old idea,
New name,
15 minutes of fame."
Re:Problem (Score:4, Interesting)
The same goes for system administrators. The corporate network is full of idiots who think they are great admins because they can install product x. Giving these idiots self-replicating code could cause great damage beyond your imagination. Most damaging worms are damaging because some rate limiting code is not coded correctly, or simply not understood by their creators.
Note to BOFH who is reading this with me: no i do not mean YOU.
Patching (Score:3, Interesting)
Although this seems like a good idea, I can't imagine pushing out worms that are beneficial. Why? Because you're still leaving the security exploit in place! Unless the beneficial worm closes the exploit, and in that case why not just release a patch in a safe an controlled manor?
Are we starting to confuse patching, a process every good security administrator should be familiar with, with "good worms"
DUMB DUMB DUMB! (Score:2, Interesting)
(yes I was young and stupid when I wrote the code in question and learned much from it)