Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

RE: The 'good worm' from HP

From: <fulldisclosure () wateraxe demon nl>
Date: Sat, 21 Aug 2004 11:07:02 +0200
 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I really don't KNOW what HP is doing, but I would assume that it's
just a 'product' and not a worm. Meaning, you can probably setup 1
system on your network that scans a specified range (for example only
your workstations if you're worried about your servers getting
autopatched). So any machines that are somehow not picked up by your
normal patch management system (maybe it's not a member of your
domain ..) will still get patched. I also assume they will not
'infect' any machines to use them to scan further (ie worm
behaviour). I'm not saying this is all good or bad, but I was reading
this thread and it seems you are all expecting HP to just let this
loose on the internet.

Allan


[snip]

I hope the HP folk have read it and thought very carefully about all 
this...  (Sadly the media reports are too "light and fluffy" to make 
anything sensible of what HP is really proposing.)
[/snip]



- - -- 
Nick FitzGerald
Computer Virus Consulting Ltd.
Ph/FAX: +64 3 3529854

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3

iQA/AwUBQScQtpNqa4mRthN9EQL1lwCfb594IT8yK46290dA7VGw1Gw/YcQAn0O3
16uV3oCHHymuvCGUqHPoY4uc
=+HGg
-----END PGP SIGNATURE-----


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: