On Monday 06 August 2001 07:07 am, Thomas Mondoshawan Tate wrote:
> Just had a crazy thought about all this RC mess. How about writing an
> anti-worm-worm (or vaccine) that uses the same infection method, but
> removes all copies of the RC and RCII worm from the system, notifies the
> system admin of each box it's run on and then kills itself after a
> specified date? You could then write a script on your apache system that
> logs the IP of the infected host, and then schedules an
> anti-infection-infection to be run later. Whaddya think? Good, bad, ugly?
Tempting, but ethically ambiguous and definitely illegal. This isn't
theoretical, btw, there is a "worm" for Linux that does something very
similar. It was/is called the "cheese worm" and it supposed tries to rid
"infected" Linux systems of known worms and backdoors. Check out this link:
http://slashdot.org/articles/01/05/17/0038205.shtml
If you read the feedback (mod +5 works well), you'll see the prevailing view
of this. It may *seem* like a good idea, but in the end it's still just an
uncontrolled program breaking into another computer.
--
Kurt Granroth | http://www.granroth.org
KDE Developer/Evangelist | SuSE Labs Open Source Developer
granroth@kde.org | granroth@suse.com
KDE -- Conquer Your Desktop
(text/plain)