A portable C "grappling hook" component of the worm was used to download the main body parts, and the grappling hook runs on other systems, loading them down and making them peripheral victims. The main body of the worm can only infect DEC VAX machines running 4 BSD, alongside Sun-3 systems. This had the same effect as a fork bomb, and crashed the computer several times. This resulted in a computer potentially being infected multiple times, with each additional infection slowing the machine down to unusability. Instead, he programmed the worm to copy itself 14% of the time, regardless of the status of infection on the computer. It was initially programmed to check each computer to determine if the infection was already present, but Morris believed that some system administrators might counter this by instructing the computer to report a false positive. Though Morris say that he did not intend for the worm to be actively destructive, instead seeking to merely highlight the weaknesses present in many networks of the time, a consequence of Morris's coding resulted in the worm being more damaging and spreadable than originally planned. Morris's exploits became generally obsolete due to decommissioning rsh (normally disabled on untrusted networks), fixes to sendmail and finger, widespread network filtering, and improved awareness of weak passwords. The transitive trust enabled by people setting up network logins with no password requirements via remote execution (rexec) with Remote Shell (rsh), termed rexec/rsh.A buffer overflow or overrun hole in the finger network service.A hole in the debug mode of the Unix sendmail program.The worm exploited several vulnerabilities of targeted systems, including: The worm's creator Robert Tappan Morris is the son of cryptographer Robert Morris, who worked at the NSA at the time. Morris later became a tenured professor at MIT in 2006. Floppy disk containing the source code for the Morris Worm, at the Computer History MuseumĪ friend of Morris said that he created the worm simply to see if it could be done, and was released from the Massachusetts Institute of Technology (MIT) in the hope of suggesting that its creator studied there, instead of Cornell.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |