>> You would probably only do something like this in case of an emergency. >> In most cases there are a lot better ways to patch management than spreading >> a worm of your own. >Describe an emergency scenario where writing and testing a worm to do your >network is superior to deploying either a honeypot back-attack-and-patch or >centralized scan-and-patch service? I'm not saying that this is the superior way to do it. The point I was trying to make is that it is very risky and it should not be considered for regular patching. There might be some cases when writing a quick "worm" to patch rogue machines automatically might be better (especially to patch laptops connected to a wireless hotspot, etc) but since it is risky it should only be used in cases of emergency. >> Perhaps the best example of how this was used and why it should be done this >> way unless it's an emergency is the problem with the Xerox researches in >> 1978 that used worms to automate tasks on their network. The code was >> corrupted and over 200 machines crashed. > I think you meant "Why it *shouldn't* be done this way"? Sorry, that it was I meant.
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/