I think we should call it an anti-body. Seems to perform the same
function.
Ed.
ter swartz wrote:
>
> Not sure if this is true...received from friend.
>
> http://news.cnet.com/news/0-1003-200-5949401.html
>
> > CNET reports a new worm spreading rapidly among
> Linux servers around the
> world.
> >
> > Before you Microsoft fans start cheering, it's not
> your normal worm. In a
> sort of microcosm of all
> > things Linux and open source, the worm, while
> entering your system without
> authorization and
> > spreading itself from your server without approval,
> is beneficial.
> >
> >
> > It's called the Cheese Worm, and it enters
> previously compromised systems,
> patches up a security
> > hole, and then spreads itself on.
> >
> >
> > Basically, it enters through port 10008, a back door
> opened by the
> malicious 1i0n worm. It closes
> > the insecure port, then scans for other systems with
> port 10008 open.
> >
> >
> > The worm also leaves a note explaining itself.
> >
> >
> > # removes rootshells running from /etc/inetd.conf
> > # after a l10n infection... (to stop pesky haqz0rs
> > # messing up your box even worse than it is already)
> > # This code was not written with malicious intent.
> > # Infact, it was written to try and do some good.
> >
> >
> >
> > Most systems administrators aren't upset about the
> worm's activities, but
> they still express unease
> > over a program having unauthorized access to their
> systems.
> >
> >
> > I think the key point to consider is how the worm
> spreads. It enters
> through a previously
> > compromised port. If you don't have a compromised
> system, this worm won't
> enter it. In that respect,
> > I think it's a good worm, and I wholeheartedly
> support it.
>
> __________________________________________________
> Do You Yahoo!?
> Yahoo! Auctions - buy the things you want at great prices
> http://auctions.yahoo.com/
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 20:02:00 EDT