On Fri, 13 May 2005 11:13:03 CDT, k k said: > There is debate surrounding whether releasing benign worms such as Nachi or > Welcha, in general is ethical or not. But network administrators can still > create benign worms for their need (not necessarily Nachi or Welcha) and > release them in their domain to patch systems. > > 1. Do people do that? Or at least, have you considered it? I doubt anybody seriously considers it > 3. If not, what prevents you from doing that? There's 3 basic setups: 1) You don't have a lot of machines. You don't *need* a worm to update 5 or 10 boxes, just walk to each and do it. 2) You have a lot of machines that aren't under your direct administrative control (for example, an ISP or a university). You can't deploy a worm, because those boxes aren't yours to screw around with - worming them could get you arrested for hacking and/or end up liable for any damages caused if a machine glitches during the patch. 3) You have a lot of machines under your control that you need to update. You don't need a worm - there's plenty of tools like "Push an update via an AD policy" and so on, and you should be using those.
Attachment:
pgpa5rYkTtIY8.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/