Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: RE: Bening Worms (Cosmin Stejerean)
From: purplebag <purplebag () gmail com>
Date: Sat, 14 May 2005 23:34:38 -0400

This thread is hogwash. There are clearly zealots that think anything
with a worm or virus label on it is unacceptable, based on
"experience" and there are also free thinkers that do not limit the
scope of exploration to the work that has been done before them.

Nick FitzGerald wrote:
Stejerean, Cosmin wrote:

I think you are going a little overboard with this kind of response. The guy


The guy is clearly a chopper.

Ten minutes "research" with Google would have shown him that "benign" 
worms aren't, and only a very narrow fringe of mostly highly marginal 
IT folk think that the idea is worth more than immediately flushing 
down the toilet.  Further, among those who do think it might be a good 
idea or one worth studying, that support falls off very quickly with 
actual, relevant academic or work experience.

Would you extend that to researchers in the medical industry? Aren't
viruses used every day in medicine to prevent and protect the host
from more hostile attack? Have you ever received the flu shot?

Of course, you will have some overblown opinion on this as well.
Suffice it to say that simply because you believe, based on your
"experience", that is it not possible or good is simply a testament to
your closed minded nature.

His floating such a stupid, time-worn, discredited notion, which he so 
easily could have found to be such, in this list is much more closely 
akin to trolling than "research".

had a couple of questions about "benign worms." If you are going to provide
some useful feedback then go ahead and do it. If you are going to write an
insulting email you should probably think twice about it.

Thanks for the advice.

I've filed it where my experience tells me it should be filed...

Excellent choice of words as I have seen no wise teaching from the
ancients in this thread. I think you would have been better served to
use that experience to educate instead of attack. Wisdom is something
people might attribute as a result.

<<big snip>>

If I recall properly Stanford also used similar techniques to get rid of MS
Blast on their networks especially from laptop machines that were infected.
They had no administrative control over those machines yet the machines
posed a threat and the threat had to be eliminated.

Assuming this is a correct recollection of whatever...

Run that past us again -- Stanford had machines on their network that 
posed a risk to the rest of their network BUT the Stanford IT folk had 
no administrative rights to those machines?  They couldn't configure 
their network infrastructure so it didn't offer an IP to these 
"anonymous" threats or at least configure it so it wouldn't route their 

Quite possibly so. 

If there really was a "need" to allow such anonymous machines 
to come and go from their network, why had they not configured their 
network so it only allowed such "anonymous" machines very limited 
access (such as putting them in a separate sub-net so they screwed with 
each other but not with "Stanford real", and that, perhaps, only had 
very limited off-site access through their firewalls)?  Sounds like 
Stanford runs (ran?) a _really_ screwed-up network...

Believe it or not there actually are politics, resource problems, and
legacy issues involved.

Worse though, you seem to imply that it was alright for Stanford to 
take action against those machines by exploiting a vulnerability on 
them to "fix" the threat posed to Stanford's network.  

Why does viral technology need to exploit any vulnerability to be a
worm or a virus? What about simple tag along and mail and click happy

I am not advocating the use of viral code as a cure all but there is
clearly opportunity for it to do good as well as bad things. Like it
or not people do do this, have done this, and will probably continue
to do this. You have an opportunity to clearly state an opinion on why
they shouldn't and instead you go on the attack as if you are the last
word on the matter. Take the opportunity to further your cause instead
of alienate yourself from the people that are thinking about doing it.
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]