Re: slapper countermeasures
Ralf Dreibrodt écrivait :
> you want to use a backdoor to get access a server, on which you are not
> allowed to get access. after that you want to modify the server (killing
> processes, deleting files) and you use the server without permission (for
> sending mail).
> well, IANAL, but you should ask a lawyer before doing stuff like this.
> i already made some bad hedrivings a few years ago with something like
You may note that the server administrator will have *a lot* of difficulties
to find you since commands will not come directly from your "virus cleaner
machine" but from any one of the other machines in the whole pool of
Another idea is to install a honey-pot with an old openssl and a modified
and precompiled "/tmp/.bugtraq" that would catch the pool of infected
machines from the one trying to install itself on yours, and then send
direct e-mail to them, one by one... Not as good as the virus-against-virus
one but it should be safe against the laws!