Shifty

Whilst I agree with the general consensus that the worm shouldn't be released I think it could be worth working on a security related application of it as identified below by setzer1411. The idea here would be to see who has connected a removable device to a network machine and what files have been transferred either way. An idea of how that could work is that the program would propagate onto the USB drive and log the time, date, machine name, domain and any files transferred. The program would only run if the domain value matched your company domain. The program would then email the results to a sys admin or auditor for reviewing. Obviously the infected USB drive wouldn't propagate the program onto other machines as we'd be stuck in the same situation. The way this program would work is that you would install the program onto the machine of a troublesome user and then be able to keep track of their USB use across the network. Another application of this could be if you worked in a secure environment where USB drive use was required then you could authorise USB access by a similar method. You would then be able to keep track of which files are being transferred and know that only authorised drives were being used. I'm aware that this kind of program could still be open for abuse if correctly hacked but in the application described above all it's going to tell you is which files have been transferred which way. Just a thought... Keep up the good work GonZor and Leapo. I'm just about to download the latest builds of both your payloads to have a play with.

Name: Chris Nationality: British Location: UK Sex: Male Height: 5'10" Age: 22 Favourite Game: Red Alert 2

I'm beginning to get ready to change jobs. At the moment I'm responsible for implementing, maintaining and improving a bunch of secure standalone LAN's. I'm very lucky to be doing the job I currently do as I've got no formal IT qualifications, I just happened to grow up around computers. Anyway, to the point. The company I work for will pay for me to attend some IT courses as a kind of thank you before I leave them. I've seen A+ and CCNA mentioned so far as good courses. After looking at the A+ syllabus it looks a bit basic for the experience I've gathered so far. I was looking at starting with Network+ as a refresher and then going onto Security+ with a bit of CCNA and CCDA thrown in for good measure. As an after thought I was going to look at doing an MCP sitting the Server 2003 exam. Does anyone have any other suggestions for course bearing in mind that I'm hoping to move into the world of designing, implementing and possibly pen testing secure networks? As a side note, has anyone done the Certified Ethical Hacker course? I'm not looking at doing it just yet as I need to get a bit of experience prior to doing this, just wanting to get a feel for it. Bit of a bizzare first post. Should of got on here earlier seeing as I've been watchin Hak. 5 since the beginning. Ah well 8) Shifty