Well if it's an air gapped network then there's no way to get patches unless you carry them over on a disk. When I taught a class at a local university we did a similar experiment on an unpatched air gapped network.<br><br>
<div><span class="gmail_quote">On 11/27/06, <b class="gmail_sendername">K F (lists)</b> <<a href="mailto:kf_lists@digitalmunition.com">kf_lists@digitalmunition.com</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
a douchebag?<br><br>I dunno but why the hell aren't your boxes patched to Sasser yet?<br><br>-KF<br><br><br>deep fried wrote:<br>> What am I<br>><br>> Consultant?<br>> School Teacher?<br>> Terrorist?<br>>
<br>><br>><br>><br>><br>> On 11/27/06, *K F (lists)* <<a href="mailto:kf_lists@digitalmunition.com">kf_lists@digitalmunition.com</a><br>> <mailto:<a href="mailto:kf_lists@digitalmunition.com">kf_lists@digitalmunition.com
</a>>> wrote:<br>><br>> Dude... settle the hell down.<br>><br>> I see little problem with this guy doing this on a closed LAN in a<br>> lab<br>> setting. What part of CLOSED LAB did you miss? Its not like he is
<br>> intentionally letting it loose on the entire school LAN.<br>><br>> -KF<br>><br>> <a href="mailto:ericscher@mac.com">ericscher@mac.com</a> <mailto:<a href="mailto:ericscher@mac.com">ericscher@mac.com
</a>> wrote:<br>> > Chris -<br>> ><br>> > I don't know what to make of your "please reply off-list; I'm<br>> not a member"<br>> > comment.<br>> > It's almost as ridiculous as what you are requesting.
<br>> ><br>> > If I take your question at face value, you are an INSTRUCTOR,<br>> not an Admin.<br>> > That means you probably teach an A+ class, maybe an abbreviated CCNA<br>> > program.
<br>> ><br>> > You have NO FUCKING BUSINESS WHATSOEVER even THINKING about<br>> turning loose a<br>> > dangerous piece of Malware in someone else's network. And it IS<br>> someone
<br>> > else's network; specifically it belongs to the district.<br>> ><br>> > Speak as a network engineer for a large midwestern<br>> schooldistrict, if you<br>> > did that in MY network, I'd have your job. GOD HELP YOU if it
<br>> turns out<br>> > that you actually ARE a teacher in my district. I don't<br>> recognize the name,<br>> > but you can bet your ass that every time we have an infection in<br>> one of our
<br>> > schools from now until the stars burn out; that I'll be making a<br>> point of<br>> > asking who the computer teachers are in that building.<br>> ><br>> > You want to teach these kids a lesson? Write it on the blackboard.
<br>> ><br>> > We have enough work to do just keeping up with the kids, without<br>> an alleged<br>> > professional turning loose a worm in our network.<br>> ><br>> >
<br>> > =================================================<br>> > I'm a high school network administration teacher<br>> > looking for a creative means of teaching my students<br>> > the importance of patch management. I was hoping to
<br>> > let a particularly nasty worm loose on a closed lab<br>> > so my students could see what happens during an outbreak,<br>> > but I'm running into a hitch - I can't find a worm that<br>
> > would spread quickly enough to be useful.<br>> ><br>> > Does anyone have a copy of Sasser or a similar worm<br>> > that they would be willing to send or link me to?<br>> > Please contact me off-list. I would be happy to
<br>> > verify my identity as a high school teacher off-list<br>> > as I'm sure that is a concern for most anyone who has<br>> > what I am looking for.<br>> ><br>> > Please do not reply on list as I am not currently a member.
<br>> > Thank you,<br>> > Chris<br>> > ============================================================<br>> ><br>> > --------------------------------------------------------------------
<br>> > mail2web - Check your email from the web at<br>> > <a href="http://mail2web.com/">http://mail2web.com/</a> .<br>> ><br>> ><br>> > _______________________________________________
<br>> > Full-Disclosure - We believe in it.<br>> > Charter: <a href="http://lists.grok.org.uk/full-disclosure-charter.html">http://lists.grok.org.uk/full-disclosure-charter.html</a><br>> > Hosted and sponsored by Secunia -
<a href="http://secunia.com/">http://secunia.com/</a><br>> ><br>> ><br>><br>> _______________________________________________<br>> Full-Disclosure - We believe in it.<br>> Charter:
<a href="http://lists.grok.org.uk/full-disclosure-charter.html">http://lists.grok.org.uk/full-disclosure-charter.html</a><br>> Hosted and sponsored by Secunia - <a href="http://secunia.com/">http://secunia.com/</a>
<br>><br>><br>> ------------------------------------------------------------------------<br>><br>> _______________________________________________<br>> Full-Disclosure - We believe in it.<br>> Charter:
<a href="http://lists.grok.org.uk/full-disclosure-charter.html">http://lists.grok.org.uk/full-disclosure-charter.html</a><br>> Hosted and sponsored by Secunia - <a href="http://secunia.com/">http://secunia.com/</a><br>
<br>_______________________________________________<br>Full-Disclosure - We believe in it.<br>Charter: <a href="http://lists.grok.org.uk/full-disclosure-charter.html">http://lists.grok.org.uk/full-disclosure-charter.html</a>
<br>Hosted and sponsored by Secunia - <a href="http://secunia.com/">http://secunia.com/</a><br></blockquote></div><br><br>