Bonk Bonk on the head... (yes it was Miri) I'd just like to get more people thinking about securing their systems (as I have spent the last hour on a new agents machine removing Ncase and all the other spyware), at least minimally, because it really is scary thinking about what a determined hacker could do with all these zombies. If I have to scare people into doing it, I can live with it.
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Pete McNeil Sent: Thursday, July 22, 2004 1:34 PM To: Markus Gufler Subject: Re[2]: [Declude.Virus] Bitdefender claims terror ties to virus On Thursday, July 22, 2004, 12:04:19 PM, Markus wrote: >> Right now there IS a vast network of >> zombies being used to send spam. If the virus writers sell >> or give access to spammers, they could be giving access to >> anyone and these compromised computers could be used just as >> easily to launch DDOS attack on infrastructure as they can to >> send spam. MG> This is why I really really hope that someone write a Sasser-like worm with MG> the only intention to activate something very nerve-racking on the infected MG> machine. (5-minute popups or automaticaly deactivated hardware devices like MG> mouse, printer, floppy, cdrom...) <insanity> Hey - what about a DNSBL that is fed by a worm? The worm goes out and infects as many machines as it can with as many methods possible - then it reports back the IP to a central server and the server puts the IP in a DNSBL - then the worm goes to sleep to see if it can infect again another day.... What about worms that exploit holes in worms to kill the worms and then... no wait, that's been done... </insanity> Stuff like this comes up in brainstorming sessions here all the time - that doesn't make it a good idea. Putting on the black hat once in a while and looking for holes is a cornerstone of bulletproofing R&D... I know I'm glad I'm not "working for the dark side"... I can't even say some of the things I've thought of - it just wouldn't be worth the risk of getting it out there - no telling who's listening. Suffice to say, unsecured equipment is a bad thing and it needs to go away. Any way we can do that, without turning to the dark side, is a good thing. Since no amount of cleanup will ever be perfect or complete, the other thing we will always need to do is strengthen the network against exploits... There are lots of ways to do this that just haven't been done... and politically may never be done... but I hope those things happen before we start writing "white worms". _M I'm reminded of a Star Trek episode... "Miri" I think it was. They came across a handful of children - all that was left of an industrialized society that had attempted to cure mortality by releasing a series of viruses to alter their DNA and boost their immune systems. In the end, the viruses mutated so that anyone reaching puberty became "very scary" and died. Sure, it's sci-fi - but if you can dream it, it can happen - so be careful what you wish for. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus". The archives can be found at http://www.mail-archive.com. --- [This E-mail scanned for viruses by Declude Virus] --- [This E-mail scanned for viruses by Declude Virus] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus". The archives can be found at http://www.mail-archive.com.
