[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Worms and New Netscape Bug




Although Netscape will certainly fix their new bugs, it's likely that
many old copies will remain on computers on the net, and the holes
will remain.

Netscape could "fight" against this with a modified worms/webcrawler
which looks for blatantly dangerous domain names in URLs and reports
them to "CERT" or blockware companies like Surfwatch.  For example,
they'd find the foo* link at the bottom of 
<A HREF="http://www.ai.mit.edu/people/lethin/lethin.html">My page</A>

Not a complete solution obviously (e.g. the server could selectively
reply to requests, and hide from the webcrawler IP).

What happens when someone using the AOL browser clicks on one of these
HREF's... does it crash all of AOL?

---
Concurrent VLSI Arch. Group     545 Technology Sq., Rm. 610
MIT AI Lab                      Cambridge, MA 02139 (617)-253-0972