Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)

From: Michael R. Rudel (mrrat_private)
Date: Wed Sep 05 2001 - 19:14:29 PDT


    On Wed, 5 Sep 2001, Stanley G. Bubrouski wrote:
    
    > Does anyone realize what a bad idea it is to release worms like this in
    > the first place, regardless of whether or not they mean well?
    >
    > Think about it.
    >
    > CodeGreen from my understanding does random scanning like Code Red and is
    > infecting machines with another worm that degrades system performance and
    > causes traffic.  This isn't a cure it's a nightmare.  Why?
    >
    
    Wrong. It doesn't actively scan. It only 'attacks' other machines that are
    running Code Red that attack it first.. i.e., it's a COUNTER-measure.
    
    > 1) It causes traffic that can lead to serious bandwidth consumption.
    
    See above. By disabling code red on the attacking machine, it actually
    cuts down overall traffic.
    
    >
    > 2) Traffic caused by Code Red brings down routers and
    > printers and it even can cause Cisco 2500 series routers (from experience,
    > costly ones) to run out of memory and cease functioning until a reboot.
    
    See above. It doesn't actively scan.
    >
    > 3) It's illegal.  Just as Code Red gains unauthorized access to systems,
    > so does this worm.
    
    Yes. But it prevents other Code Red machines from gaining unauthorized
    access to additional systems. I'm not arguing that it isn't illegal.
    
    >
    > 4) If patching fails the system is still going to be vulnerable and it
    > will be propagating itself to other systems that may not be patchable.
    
    As opposed to when you don't try and patch it, how the machine will be
    vulnerable and will be propagating itself to other systems that may not be
    patchable? :P
    
    >
    > 5) Machines infected with Code Red are often times unresponsive to HTTP
    > requests due to high memory and CPU of the Code Red infection so in many
    > cases not only will the CodeGreen worm not fix already infected machines
    > it will most likely attempt to clean machines that are vulnerable but are
    > not spreading the worm, again causing more network traffic.
    
    This is due to the active scanning that Code Red does. Once again, Code
    Green does not do this.
    
    >
    > 6) People who use Concur(A billing app used by millions of sales people on
    > the road in corporations all over the world) for example have IIS running
    > and are often times connected via dial-up to a VPN at a corporation, the
    > traffic generated by CodeGreen would most likely eat up all the bandwidth
    > on their dial-up connection and cause mission critical data transmissions
    > to fail in the same way Code Red does.
    
    See above.
    
    >
    > 7) Releasing untested code to the public who will surely unleash it into
    > the wild could lead to data loss and other problems.
    
    Yes, don't release untested code, lest someone might try and improve it or
    something. :P
    
    In the future, please read up on things before talking about them. :P
    
    
    >
    > 8) Go to hell.
    >
    > Regards,
    >
    > Stan
    >
    [... signatures snipped]
    >
    
    
    -------------------------------------------------------
    Michael R. Rudel * 734.417.4859 * mrrat_private
    AOL AIM: ATSTheory * Cell E-Mail: pageat_private
    Student Technician, Pinckney Community Schools
    Principal Engineer, Michael R. Rudel Consulting
    -------------------------------------------------------
    



    This archive was generated by hypermail 2b30 : Wed Sep 05 2001 - 23:49:47 PDT