Path: utzoo!attcan!uunet!mcvax!hp4nl!dutrun!hans
From: hans@duttnph.UUCP (Hans Buurman)
Newsgroups: news.sysadmin
Subject: Using part of the virus
Message-ID: <535@dutrun.UUCP>
Date: 5 Nov 88 22:16:12 GMT
Sender: tnphnws@dutrun.UUCP
Reply-To: hans@duttnph.UUCP (Hans Buurman)
Organization: Delft University of Technology, The Netherlands
Lines: 26

I have read somewhere that last week's virus checked for possible
rhosts and hosts.equiv leaks, as well as trying some simple passwords
in order to get in. It seems (for a variety of reasons) wise to have
such a program running on a regular basis, in order to close the leaks.
Better find the week spots ourselves, before someone else finds them.

Now I could try to write such a program, but obviously somebody has
already done so... Would it be a good idea to post this part of the
virus, to help people close the gaps ? Or, would somebody mail the
code to root@duttnph.uucp ? I don't want/need the whole virus. of
course :-). Just the code that finds obvious security holes.

Or is all this a bad idea ? I think we should use this experience,
in order to make the world a safer place. By the way, what's a good
newsgroup for this ?

	Hans

-----------------------------------------------------------------------------
Hans Buurman                   | hans@duttnph.UUCP
Pattern Recognition Group      | mcvax!dutrun!duttnph!hans
Faculty of Applied Physics     | tel. 31 - (0) 15 - 78 46 94
Delft University of Technology |
the Netherlands                |
-----------------------------------------------------------------------------
Disclaimer: any opinions expressed above are my own.