[unisog] [dc-sage] Code Red mutated? (fwd)

Peter Van Epp vanepp at sfu.ca
Mon Aug 6 17:46:55 GMT 2001


	I expect the liability issues would be horrendous. What if your fixit
worm screwed up with some particular configuration and destroyed the machine
instead of fixing it? You can't be sure there isn't such a configuration with
the breadth of systems out there. If you are Microsoft, you have deep sueable
pockets and I expect are used to bad publicity about security because you 
get so much of it and apparantly care so little: "iis the NT root kit posing
as a web server"  ...

Peter Van Epp / Operations and Technical Support 
Simon Fraser University, Burnaby, B.C. Canada

> 
> Is there a point when it would just be easier to write the Red-fix worm.
> Does patch by force ever make sense.  You think someone at micro$oft
> would do it just for "damage control".
> 
> (the patch would probably open ten new holes)
> 
> 	--Mike
> ___________________________
> Michael Lang    mlang at lanl.gov
> Los Alamos    National Laboratory
> ph:505-665-5756,     fax:665-5638
> MS B256, Los Alamos, NM 87545
> 
> 
> 



More information about the unisog mailing list