Feeds

Code Red busting code gets cool reception

Fight fire with fire

  • alert
  • submit to reddit

Protecting users from Firesheep and other Sidejacking attacks with SSL

The use of virus-like code that is geared to patching security holes on vulnerable systems has received the thumbs down by members of the security community.

In the wake of the widespread (though at times exaggerated) impact of the Code Red worm and its variants, white hat hackers have posted programs on the net which repairs systems and guards against further infection.

CodeGreen, which was written by Herbert HexXer, goes as far as downloading and installing patches from Microsoft on vulnerable systems. Crclean works in a similar way to Code Green but only spreads itself onto servers which scan a box onto which it has been installed.

The idea of "fighting fire with fire" in this way was used before by the Cheese worm, which fixed a flaw exploited by the Li0n worm on vulnerable Linux boxes.

Alex Shipp, senior antivirus technologist at MessageLabs, which scans its users email for viruses, said whatever the intent behind programs like Code Green they performed unauthorised changes on a network, which could cause serious problems.

Updating systems can go wrong and cause more damage than gets fixed.

Programs similar to Code Green might actually create other security holes, said Shipp, who added the best route was for sys admins to organise a security audit on their own machines. ®

External Links

Code Green (which in fairness contains plenty of caveats about its use)
Crclean (which likewise cautions users)

The next step in data security

More from The Register

next story
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
'Speargun' program is fantasy, says cable operator
We just might notice if you cut our cables
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.