On Mon, 27 Jan 2003, Stewart, William C (Bill), SALES wrote: : :Back when the Code Red worm came out, somebody wrote a program :that responded to Code Red probes by using the same hole to :break into the infected server and disable it. :Is anybody doing that with this worm? I understand your point, but: Wouldn't such a mechanism simply help to foster the laziness of those whose machines helped propagate this issue (by delaying their awareness of the problem and the need for their intervention)? :Or does it step on the infected process too hard for that to work? : :Even if people don't want to run it on the open internet, :due to concerns about appropriateness of reverse hacking, :it might be useful for inside-the-firewall cleanup :for corporations that get hit. Might be. Let those inside worry about that (imho). -brian