Vulnerability Development mailing list archives
Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)
From: ".MetsyS." <stf () xtra co nz>
Date: Fri, 07 Sep 2001 10:20:20 +1200
Hey all, Well a very interesting discussion indeed, but I don't want to fill up vuln-dev'ers mailboxes with polical debate, thx to BB for letting us thrash it out for a bit longer. I shall try and be brief. I agree, I think I was too hasty to say "lets let this loose becuase it's cool" LOL, defintly not a good enough reason, however AVV in my book definetly has a future and much thought needs to be given to any release. 1. I very much respect Der HexXer and Markus Kern for their effort and talent for coding, somebody was bound to have releaseed something like this to the public and I am very fortunate to have the opprotunity to read thier code and thank them. IF the law were to go after them I am exessivly dissapointed, software like this is like a tool as far as i'm concerned, if somebody throws a hammer through my window do I chase the person who threw it, or chase the manufacturer of the hammer ? (I feel sorry for Dmitry Sklyarov, down with DMCA and cyber-treaty.) This does not have malicious intenet and is a great solution to a pain in the ass problem which is still filling up my logs and as Ron DuFresne points out contacting admins is sometimes as useless as the tits on a bull. 2. I do not like the idea of M$ or Symantec doing something like this.. not sure why, just gut intinct does not trust large corps, especially if the worm is closed source. I admit a worm like this (any worm) is dangerous and may have unforseen affects, though I must say I like passive infection as it does not consume exessive bandwidth. I am curious to see the impact of the relase in the wild of code green. Here is my outline for the release of AVV (Anti Virus Virri). 1. There must be a certain amount of time for a malicious worm to be out in the wild to allow those with a clue to patch their boxes, I suggest 1-2 months depending on the severity of the worm/virus. 2. AVV MUST be open source. 3. AVV MUST use passive/retalitory infection. 4. The code should be a community effort. 5. AVV MUST have an expiry date (suggest 3 months from release). 6. Due to laws in place obviously the worm should be released in a country that does not have hacking laws. .MetsyS.
Current thread:
- Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.), (continued)
- Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.) Emre Yildirim (Sep 06)
- Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.) Stanley G. Bubrouski (Sep 06)
- Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.) Ron DuFresne (Sep 06)
- RE: CodeGreen beta release (idq-patcher/antiCodeRed/etc.) John R. Morris (Sep 06)
- Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.) Gert-Jan Hagenaars (Sep 06)
- Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.) Ron DuFresne (Sep 07)
- Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.) abel (Sep 07)
- Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.) Stanley G. Bubrouski (Sep 07)
- Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.) Gert-Jan Hagenaars (Sep 07)
- Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.) Meritt James (Sep 07)
- Message not available
- Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.) .MetsyS. (Sep 06)
- AW: CodeGreen beta release (idq-patcher/antiCodeRed/etc.) Steinhart Alexander (Sep 05)
- Re: AW: CodeGreen beta release (idq-patcher/antiCodeRed/etc.) Markus Kern (Sep 06)
- Re: AW: CodeGreen beta release (idq-patcher/antiCodeRed/etc.) Patrick Patterson (Sep 07)
- RE: CodeGreen beta release (idq-patcher/antiCodeRed/etc.) t. patrick o'hara (Sep 06)
- RE: CodeGreen beta release (idq-patcher/antiCodeRed/etc.) Ivan Dimitrov (Sep 06)
- Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.) abel (Sep 06)
- Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.) Markus Kern (Sep 06)
- Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.) Stanley G. Bubrouski (Sep 06)
- Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.) S (Sep 06)