The 'Security Digest' Archives (TM)

Archive: About | Browse | Search | Contributions | Feedback
Site: Help | Index | Search | Contact | Notices | Changes

ARCHIVE: 'Phage List' - Archives (1988 - 1989)
DOCUMENT: phage #195 [Disassembled virus?] (1 message, 992 bytes)
SOURCE: http://securitydigest.org/exec/display?f=phage/archive/195.txt&t=text/plain
NOTICE: securitydigest.org recognises the rights of all third-party works.

START OF DOCUMENT

From: fin@uf.msc.umn.edu (Craig Finseth)
To: phage
Date: Wed 10:16:42 09/11/1988 EST
Subject: Disassembled virus?
References: [Thread Prev: 184] [Thread Next: 181] [Message Prev: 193] [Message Next: 207]

>   From: Theodore Ts'o <tytso@ATHENA.MIT.EDU>
>   Reply-To: tytso@athena.mit.edu

>      Date: Tue, 8 Nov 88 15:38:01 PST
>      From: Peter E. Yee <yee@AMES.ARC.NASA.GOV>

>      I would prefer to see it distributed, but not until we know that most sites
>      have applied suitable patches and will not vulnerable to a mutation of this
      worm.

>   That will never happen.  Unless you want to be confident enough to say
>   that there will never be another security hole discovered in UN*X's
>   network services?

Both of you are assuming that *current* systems have been patched.
Given that there are, by some estimates, in excesss of 100,000
machines attached to the Internet, it would not surprise me if less
than 5% of them have been fixed.  Granted, these 5% are the current
set of critical "node" machines in the net, but given the rate at
which the net is growing (>2 connected networks per day), connectivity
will keep increasing and in a few months we may well essentially be
right back to where we started from.

Just to worry you more, we are a large Sun site and we haven't
received word that Sun is coming out with a 4.0a release that has this
bug fixed...  (Although I assume they will by 4.1.)

Craig A. Finseth			fin@uc.msc.umn.edu [CAF13]
Minnesota Supercomputer Center, Inc.	(612) 624-3375

END OF DOCUMENT