THE WHATIS.COM WORD-OF-THE-DAY March 26, 2003 ethical worm
______________ SPONSORED BY: Global Knowledge BECOME THE EXPERT! Global Knowledge is a worldwide leader in IT education and enterprise training solutions, offering more than 700 courses. For a limited time purchase any 3 courses at one time, and get $1,000 off the total! Choices include Network Security, Microsoft Windows 2000 Server, and Linux Administration. Click here to review our entire course catalog http://WhatIs.com/r/0,,11697,00.htm?globalknowledge ________________ TODAY'S WORD: ethical worm See our complete definition with hyperlinks at http://searchwindowsmanageability.techtarget.com/sDefinition/0,,sid33_gci888454,00.html An ethical worm is a program that automates network-based distribution of security patches for known vulnerabilities. Like its malicious counterpart, the ethical worm could propagate across networks exponentially and perform its tasks without user knowledge or consent, through a process sometimes called a drive-by download. According to some, such invasive behavior is warranted because many system administrators fail to install appropriate patches and service packs, despite knowledge of vulnerabilities and available solutions. The deployment of ethical worms for patch distribution is frequently suggested in discussion forums, especially in the wake of a wide-ranging malicious attack. In January 2003, a worm called the SQL Slammer exploited a known buffer overflow vulnerability in Microsoft SQL 2000 server systems to cause widespread Internet outages. The attack, which may have been carried out to illustrate the problem of lax security, was launched precisely six months after Microsoft released a patch for the flaw. Had the patch been installed to vulnerable systems, the SQL Slammer attack might have had little impact. Although installing security solutions through ethical worms would, at least, ensure they were deployed, there are concerns that the method would create more problems than it solved. According to Ed Skoudis, author of the book, "Counter Hack: A Step-by-Step Guide to Computer Attacks and Effective Defenses," even if an ethical worm worked flawlessly, it could inadvertently cause damage because of conflicts with other programs and particular system configurations. RELATED TERMS: worm http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci213386,00.html patch http://searchsystemsmanagement.techtarget.com/sDefinition/0,,sid20_gci212753,00.html drive-by download http://whatis.techtarget.com/definition/0,,sid9_gci887624,00.html buffer overflow http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci549024,00.html ______________ SELECTED LINKS: SearchSecurity.com offers a tip from Ed Skoudis, "Ethical worms: a bad idea." http://searchsecurity.techtarget.com/tip/1,289483,sid14_gci877038,00.html SearchNetworking.com offers a page of white papers about "Network Security." http://searchnetworking.techtarget.com/whitepapersByCategory/0,293837,sid7_tax289248_idx0_off10,00.html ______________ TODAY'S TECH NEWS: INTERSAN EXTENDS PATHLINE AUTOMATION FEATURES InterSAN is prepping for an upgrade of its Pathline management and automation product. http://searchstorage.techtarget.com/originalContent/0,289142,sid5_gci887497,00.html CIO, CPO RELATIONSHIP BECOMING KEY IN IT SHOPS With government initiatives such as HIPAA (the Health Insurance Portability and Accountability Act) turning up the pressure to protect customer data, organizations have recognized the need to rank privacy ahead of almost all other issues. http://searchcio.techtarget.com/originalContent/0,289142,sid19_gci887780,00.html FREIGHT COMPANY HAULS IN 37,000 WINDOWS PATCHES Administrators at freight giant CNF have installed an eye-popping 37,000 Windows desktop patches since August. An IT manager with CNF explained why they needed so many, and he offered some patch management advice for those who need to patch things up in their own organizations. http://searchwindowsmanageability.techtarget.com/originalContent/0,289142,sid33_gci887247,00.html >> Catch up on all the latest IT news at http://searchtechtarget.techtarget.com/ ______________________ KNOW-IT-ALL QUESTION | Do you speak geek? This operating system originated at Bell Labs in 1969 as an interactive time-sharing system. a. BASIC b. DOS c. Linux d. Unix >> See correct answer http://searchsolaris.techtarget.com/sDefinition/0,,sid12_gci213253,00.html ______________________ QUIZ #36 | Linux Basics Take our latest quiz and see how much you know about Linux. Make Linus Torvalds proud! >> Click to take the quiz http://searchenterpriselinux.techtarget.com/sDefinition/0,,sid39_gci882525,00.html ______________________________ RECENT ADDITIONS AND UPDATES [1] non-geographic number http://searchnetworking.techtarget.com/sDefinition/0,,sid7_gci885964,00.html [2] Internet Key Exchange http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci884946,00.html [3] Wi-Fi Protected Access http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci887323,00.html [4] Learning Guide: Introduction to XML http://whatis.techtarget.com/definition/0,,sid9_gci887243,00.html [5] Learning Guide: Security Policy Primer http://whatis.techtarget.com/definition/0,,sid9_gci887248,00.html ____________________________________________________________________ ::::::::::::::::::: WHATIS.COM CONTACTS ::::::::::::::::::: LOWELL THING, Site Editor ([EMAIL PROTECTED]) ____________________________________________________________________ MARGARET ROUSE, Associate Editor ([EMAIL PROTECTED]) ___________________________________________________________________ :::::::::::::::::::: ABOUT THIS NEWSLETTER ::::::::::::::::::::: Published by TechTarget (http://www.techtarget.com) TechTarget - The Most Targeted IT Media Copyright 2003, All Rights Reserved. Unsubscribe from 'Word of the Day' - Simply Reply to this Email with REMOVE within the Body or Subject > or - Go to: http://WhatIs.techtarget.com/register - Log in to edit your profile. - Click on the link to Edit email subscriptions. - Uncheck the box next to the newsletter you wish to unsubscribe from. - When finished, click "Save Changes to My Profile."
