The 'Security Digest' Archives (TM)

Archive: About | Browse | Search | Contributions | Feedback
Site: Help | Index | Search | Contact | Notices | Changes

ARCHIVE: 'Phage List' - Archives (1988 - 1989)
DOCUMENT: phage #120 [Re:] (1 message, 657 bytes)
NOTICE: recognises the rights of all third-party works.


From: Theodore Ts'o <tytso@ATHENA.MIT.EDU>
To: phage
Date: Mon 16:13:42 07/11/1988 EST
Subject: Re:
References: [Thread Prev: 116] [Thread Next: 123] [Message Prev: 118] [Message Next: 196]

Since as far as I know, no one (execpt the author of the virus), has a
copy of the program which listened at the other end at, any answer is probably going to be partially

Each time the virus is started, there is a 1/15 chance (it calls
random()) that it sends a single byte to on some
magic port.

If the reports that he intended it to spread slowly are true, then its
possible that it was intended to monitor the spread of the virus.  Some
news reports mentioned that he panicked when, via some "monitoring
mechanism,"  he saw how fast it had propagated.  Given how, ahem,
reliable some of the news reports have been, I wouldn't count on this
story being true; but if it is, it would make a lot of sense.

						- Ted