[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Slightly OT: Worms: Exploit Plug-ins and Benevolent Worms



On Tue, 7 Aug 2001, Ira Abramov wrote:

> On Tue, 7 Aug 2001, Shlomi Fish wrote:
>
> > service. The reason I suggested perl is because:
> >
> > 2. Perl is available on most systems.
>
> IIS comes with perl built-in? because last time I checked the RC2 worm
> doesn't effect my Apache.
>
> checked again, no it doesn't.
>

IIS does not come with perl built-in. However, if there is an exploit, we
can execute a perl program with perl -e "" or something like that. That
is, given the fact that perl is installed on the system at all.

>From what Chen Shapira told me, most of Mercury's IIS clients refused to
install perl because they considered it a security breach of some sort. I
think the existence of perl is neglible in consideration to IIS, but this
is a different issue.

If that particular worm cannot run on NT systems - whatever. So, you could
say that by systems I meant "UNIX systems". If someone wants to write a
similar worm in VBS or whatever, I won't stop him. But I'd rather dedicate
it to UNIXes, then write in something as horrid as VBS, in which case I'll
dedicate it to Windows variants.

Regards,

	Shlomi Fish

> --
> (@-    GNU/Linux -
> //\       Best thing since the invention of the cat
> v_/_
>
>
> =================================================================
> To unsubscribe, send mail to linux-il-request@linux.org.il with
> the word "unsubscribe" in the message body, e.g., run the command
> echo unsubscribe | mail linux-il-request@linux.org.il
>



----------------------------------------------------------------------
Shlomi Fish        shlomif@t2.technion.ac.il
Home Page:         http://t2.technion.ac.il/~shlomif/
Home E-mail:       shlomif@techie.com

A more experienced programmer does not make less bugs. He just realizes
what went wrong more quickly.


=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il