Creating virii and worms to hunt down other virii and worms has been repeatedly discussed (though not here, that I'm aware) and repeatedly shot down. These ideas die for good reason.

You cannot predict where your targets are. If you could, you'd just go there and root them out. Therefore, you cannot predict where your "immune system worm" will go. There's the first problem: you have to build in a certain level of unpredictability. As you mentioned, this could have a significant impact on mail servers. Now others will need to build defences against your defences? I wonder what would happen if they fight your "immune system worms" with still more worms...?

Next problem: remember the Morris Worm? It was supposed to be benign. The more things that you need your code to do, the more likely it is to have bugs. Now what we have is a piece of software with an inherently umpredictable migration pattern and that software will have bugs! Note that I didn't say "might". It will be complicated and it will have bugs. Whether or not those bugs are significant is another story. So now we have unpredictable, buggy code out there.

Next problem: you've created your buggy code to travel over the 'Net on Seek out and destroy missions. Crackers are going to have fun taking your code and modifying it to seek out and destroy what they want. Or maybe they just attach virii to your worm and sit back and watch.

Interesting idea, but too many problems. Curious, though, I heard a rumor that Microsoft was thinking about adopting this tactic to deal with Code Red. I certainly hope someone talked sense into them. Don't release worms to fight worms.

Cheers,
Ovid

Update: Here's and interesting link on the problems with creating such technologies.

Vote for paco!

Join the Perlmonks Setiathome Group or just click on the the link and check out our stats.

In reply to (Ovid) Re: So I have this crazy idea about an 'anti-virus virus' by Ovid
in thread So I have this crazy idea about an 'anti-virus virus' by E-Bitch

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.