On Monday 06 August 2001 07:07 am, Thomas Mondoshawan Tate wrote:
> Just had a crazy thought about all this RC mess. How about writing an
> anti-worm-worm (or vaccine) that uses the same infection method, but
> removes all copies of the RC and RCII worm from the system, notifies the
> system admin of each box it's run on and then kills itself after a
> specified date? You could then write a script on your apache system that
> logs the IP of the infected host, and then schedules an
> anti-infection-infection to be run later. Whaddya think? Good, bad, ugly?

Tempting, but ethically ambiguous and definitely illegal.  This isn't 
theoretical, btw, there is a "worm" for Linux that does something very 
similar.  It was/is called the "cheese worm" and it supposed tries to rid 
"infected" Linux systems of known worms and backdoors.  Check out this link:
http://slashdot.org/articles/01/05/17/0038205.shtml

If you read the feedback (mod +5 works well), you'll see the prevailing view 
of this.  It may *seem* like a good idea, but in the end it's still just an 
uncontrolled program breaking into another computer.
-- 
Kurt Granroth            | http://www.granroth.org
KDE Developer/Evangelist | SuSE Labs Open Source Developer
granroth@kde.org         | granroth@suse.com
            KDE -- Conquer Your Desktop