Talk:Evil bit

From Wikipedia, the free encyclopedia

I thought "evil bit" could also refer to the phenomenon in campy science fiction, in which an AI could turn from good to evil at the flip of a switch. --π! 21:22, 20 July 2006 (UTC)

[edit] Possible use for the field?

Wouldn't it be possible for intrusion detection software running on an Internet-facing firewall to use this field to indicate, on a local network, whether the packet is likely part of a possible intrusion? Has such a proposal been reported in a reliable source? --Damian Yerrick (☎) 18:25, 12 October 2006 (UTC)

This RFC is contradicting to other existing standards, which may render the whole internet inoperable, therefore it cannot be implemented. From the RFC, "Because NAT [RFC3022] boxes modify packets, they SHOULD set the evil bit on such packets. "Transparent" http and email proxies SHOULD set the evil bit on their reply packets to the innocent client host.", obviously it is common case in the network. Also, who can prove that the evil bit can be set correctly, hackers obvious don't want this evil bit to be set by themselves :-) . This is the point of this April Fool's RFC. See RFC 3751 — Omniscience Protocol Requirements, which is a very similar self-contradicting joke. --Leeyc0 (Talk) 03:50, 12 January 2007 (UTC)

[edit] Any known implementation in the wild?

Is there any trojan/worm/virus/spam that has been known to set this bit? I could easily imagine some hacker implementing it as a joke, knowing that no hardware will filter it. 129.42.208.182 18:25, 11 September 2007 (UTC)