OT: RC Vaccine?

Top Page
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: Kevin Brown
Date:  
Subject: OT: RC Vaccine?
Actually that's not true. Qwest/Cox could stop it from hitting their customers
by putting in an Access Control List (ACL) in the routers. According to my TOS
I'm not allowed to be running any services, so if they block incoming requests
to ports less than 1024, or just block the individual ports (21,22,23,80,
etc...) then this worm wouldn't be able to affect any of Qwest's/Cox's
non-business users. The problem is they have chosen not to do this.

> > Just had a crazy thought about all this RC mess. How about writing an
> > anti-worm-worm (or vaccine) that uses the same infection method, but
> > removes all copies of the RC and RCII worm from the system, notifies the
> > system admin of each box it's run on and then kills itself after a
> > specified date? You could then write a script on your apache system that
> > logs the IP of the infected host, and then schedules an
> > anti-infection-infection to be run later. Whaddya think? Good, bad, ugly?
> > =op


> What if this same program installed a batch file or AT command to launch the
> antivirus and or just go to windows update and get the patch for this worm.
> Better yet just formatted the HD. Because of it I have extremely low
> bandwidth, 60-100kbps on my cable modem which usually has downstream
> throughput of 2+mbps, my brother in-law has Qwest DSL and can't even get
> online because of this thing. The worst part is they (Cox/Qwest) can do
> nothing about it.