Re: Implications of recent virus (Trojan Horse) attack


Karl Kleinpaste (triceratops.cis.ohio-state.edu!karl@tut.cis.ohio-state.edu)
9 Nov 88 14:41:05 GMT


If you want to suggest ongoing testing of small viruses in order to be
prepared for the big, dangerous ones, that's fine. One might even
call it noble. But such testing should be done on ISOLATED networks
in order to preclude the little jewels from going where they're not
intended. I don't yet accept the idea that the latest worm was
released `by accident'; but even if so, it was grossly careless.

Once you have a physically isolated network, there is of course no
reason to make the test viruses and worms non-destructive, aside from
the time you'll cost yourself in restoring your system following each
local simulated attack. But knowledge of that restoral cost would be
useful data to have, perhaps as a function of the virulence of the attack.

I would be very angry with anyone deciding to arrogate to themselves
the position of "official network virus tester," and thereby give
themselves permission to abuse my systems from Far Away.



This archive was generated by hypermail 2.0b3 on Thu Mar 09 2000 - 14:44:30 GMT