Chapter 250 Change
Although the antivirus program was written, Edward found that he encountered a very serious problem - there was no effective way to publish his program smoothly, because he lacked the latest span network node distribution map.
Thespan network is completely composed of decentralized nodes, not a centralized structure.
Edward remembered a previous incident. He remembered that there was a young man named Claire on the Department of Defense who had been ambitious to completely describe the network topology of span, but he inadvertently triggered the intrusion alarm of many systems, which was encountered by many institutions. With strong protest and opposition, the young man finally had to give up the idea.
So that now no one knows what the distribution structure of the entire span network has become.
Edward quickly called the Ministry of Defense according to the clues in his memory, and was told that the other party had left long ago, and they did not know where he had gone.
He wanted to ask if the other party had achieved certain results at that time, and he did not get any useful information.
No administrator has the contact information of the system administrator of other nodes. Usually, where there is a problem, it is made from the bottom to the top, layer by layer.
Sometimes, there are also some agencies such as the offices or laboratories of NASA Research Center that have never heard of or registered have called to solve computer failures. These offices and laboratories are directly connected to span without notifying the span network office. They don't even have a clear name.
In the view of the administrators of these nodes, they think that "no one knows will be safer" that they are not on the network map and any list of span, and hackers naturally have no way to know their existence.
I don't know that these are just wishful thinking.
Edward made a lot of phone calls, but he didn't achieve his goal.
He can only write a detailed analysis report and send it to the mailbox of the system administrator he knows by email. At the end of the email, he also attached the anti-virus program he wrote.
But he has no hope for this, because at present, there are not many computers that can operate normally on the Internet, and even many members of the security team have been recruited, and they can only be contacted by phone.
His adw antivirus program will automatically detect the computer existing on the network. After entering the computer, first confirm whether the computer has been infected. If so, kill the worm first, and then patch it. If not, patch it directly.
In the report, Edward mainly analyzed where the worm will modify the computer, and the harm it can cause, including the distribution map of the area currently infected by the tree worm.
Edward is eager to receive feedback from others and to see the good news that the worm has been cleared by his antivirus program.
However, what puzzled him was that the feedback was indeed sent quickly, but it was not good news, but something else happened - a new version of the worm was found!
The person who submitted the variant of the worm is a network administrator named Tok Frank from the U.S. Department of Energy.
Like Edward, Tok is not a formal security worker. He is just very interested in computer security issues. However, it is recognized internally that he is very proficient in the vms system, and his official job is a network administrator of a national laboratory funded by the Ministry of Energy.
After analysis, Edward found that the new version of the worm submitted by Tok was a previous variant, in which there were several improvements, which seemed to be released later after the improvement of the shortcomings.
In this way, Edward's adw antivirus program is completely useless, because he took advantage of one of the worm vulnerabilities in a way, but now the other party has fixed it, so his antivirus program has lost its meaning.
Edward is not sure whether there are any other new variants on the Internet, but from the current point of view, this seems very likely.
Things went back to the starting point again, which made Edward very frustrated. He called Todd and wanted to hear some good news from him. In a real security group, there are very few people who can really work. Others may have their own unique aspects in programming or hardware, but in the field of vms security, they are not as good as Edward. Fortunately, they later joined Todd.
"Hello, I'm Edward. I've contacted you by email before."
"Hello. I read your analysis report and it is very well written.
Although Edward's analysis report has not been officially released, it has been sent to some people in the group. Although it has no effect now, at least let others know that he has done this work.
"Thank you." With the recognition of his peers, Edward's frustration was a little better. "But my work has no meaning. I just re-analyzed the new version. It seems to be a brand-new worm, and it is more powerful than the old version with fewer shortcomings."
"You're right. Just now, I found a new variant here again, which is the third type known so far.
"Real is it?" Edward was stunned and said, "How can it come out so fast? The speed of our antivirus is far less than the speed of each other's release of worms. Is it necessary to disconnect the whole span?
Edward shuddered when he thought of this situation.
span The network has encountered the biggest crisis since its inception.
If all the connections are disconnected, it will cause immeasurable losses, and the whole United States will stagnate as a result, and there will be huge losses in scientific research, military and economy.
But it keeps opening, and the behind-the-scenes black hand hidden behind it is constantly stealing confidential information from the United States, which is also an unacceptable fact.
Although new members are constantly joining the security team, this is completely useless.
This new worm has exceeded everyone's understanding, as if it has surpassed the computer technology of this era. This situation is like when they are still slashing and burning, suddenly facing a robber and robber with a hot weapon.
Although Edward believes that these worms can be removed sooner or later, it takes time, and they must first fully master all the secrets of the worms before they can proceed.
But by that time, maybe the tree worm has completed its mission.
"Man, maybe it's not that bad." Todd comforted Edward when he heard the frustration in his tone.
"Sorry, I'm a little lost."
"I can understand." Todd continued, "I mean, the situation is not as serious as expected. I read your analysis report. In the report, you mentioned that the whole southern part of the federation, except for some nodes that actively disconnected the network, have been attacked by worms, but as far as I know, that's not the case.
"Real is it?" Edward was stunned. "The data in my report is completely based on feedback. How can there be a mistake?"
"Many of the places you mentioned in the report that have been disconnected from the network are still connected to the network, and they don't even know that the entire span network is being attacked by unprecedented worms, such as the California Radar Laboratory, Fermi Laboratory, and Lawrence in the East* Livo Research Center, and..."
Todd mentioned the names of several important institutions and laboratories. At present, the network is running very well. Todd has friends working there and contacted them by email or phone. They didn't even know that such a thing had happened.
However, in Edward's report, these nodes should either actively disconnect from the trunk network or, in theory, be completely captured by the tree worm.
"That's impossible!" After listening to this, Edward immediately retorted, "I infer other places based on the contribution of their surrounding nodes, but I can be sure that I have been completely infected in Fermi Lab, because Anthony, their system administrator, called before to report the failure."
Although Edward had never known Anthony's existence before, he was very impressed by the swearing guy. At that time, after receiving the phone call from the other party, he was immediately scolded by the other party.
"Is it? That's strange." Todd also wondered, "I have a former colleague who works in Fermi's laboratory. I talked to him on the phone more than ten minutes ago, and he said that everything on the Internet was fine. He can't lie to me. What you said should be true. Then, there is only one possibility left, that is, they may have been infected with worms before, and then recovered quickly.
Todd's words moved Edward's heart.
Is there a great man in Fermi's laboratory who has found an effective way to kill worms?
After Edward and Todd finished the call, Edward immediately called Anthony, the administrator over there. He was glad that he had left his mind before and wrote down the other party's number.
No one answered the phone for the first time, which made Edward a little anxious.
He hung up and dialed again. This time, after waiting for three times to ring, the phone was finally picked up.
"Hello, I'm Edward from the Span Network Security Response Center. I want to find the administrator Anthony."
"I'm Anthony. Edward, it turned out to be you. Why do you call me now without looking at the time? I'm just about to get off work. Anthony's thick voice was remembered in the receiver.
After work? Edward was slightly stunned. He looked at his watch. Indeed, it has exceeded the normal off-duty time by ten minutes. According to his usual schedule, he should indeed get off work.
But isn't this an extraordinary time?
In doubt, Edward asked, "Hello, I want to ask, how is the network situation in your laboratory now?"
"Network? Oh - are you calling specifically to ask about this? Our network has been restored smoothly. I didn't think you were so efficient this time. Haha, it seems that it's quite useful for me to scold you! There are no other problems, but there are some important servers that can't be accessed. I called there, and it is said that I have been infected with the virus. I think they should ask you to check it out..."