On Tue, Aug 07, 2001 at 10:34:23AM -0500, James Stauffer wrote:
> Would it work to write a program that listens for the default.ida request
> and then sends back a patch through the hole to IIS on the machine with the
> virus?  It wouldn't be a virus because it would not spread (it would not
> send itself, only the patch).  It's legality shouldn't be a problem because
> you are only protecting your computer and not harming the other computer.
> It could also try to email webmaster at the machine.

Technically, yes, it could be done easily.  Some scripts have been
posted today on the debian-user mailing list which could probably be
modified to do so with minimal effort.

I wouldn't bet on its legality, though.  The current laws on that sort
of thing are currently sufficiently fu^H^Hmessed up that sending
email to your child's teacher could be illegal because it "modifies"
the school's computer systems by storing data on them.  I wouldn't
care to take the chance of going anywhere near that tar pit.

-- 
With the arrest of Dimitry Sklyarov it has become apparent that it is not
safe for non US software engineers to visit the United States. - Alan Cox
"To prevent unauthorized reading..."         - Adobe eBook reader license