First Internet Worm - 20th Anniversary
Posted
Friday, October 31, 2008 5:37 PM
by
hwaldron
The Morris Internet worm was launched on 11/02/1988 as more of a prank than actual attack. This first malware attack differs greatly from what we see in today's environment.
Happy 20th birthday, internet worm
http://blogs.zdnet.com/security/?p=2096
QUOTE: This weekend marks the 20th anniversary of the Internet Worm, the first major worm that propagated on the Internet. Even though many years have passed and underlying media has changed, worms are still able to wreak havoc and keep system administrators up at night. Today the damage done by worms is far less visible and far less newsworthy but far more difficult to repair than in the past.
On November 2nd, 1988, Robert Tappan Morris launched an application ostensibly designed to count the number of systems on the Internet. It was designed to propagate across Unix systems by exploiting several vulnerabilities, including a conceptual flaw in how r-services (rlogin, rsh, and rexec) authenticate connections, the archaic remote debug feature in Sendmail, and a buffer overflow in the finger daemon. Due to a flaw in it’s design, the Worm attempted far more propagation attempts than were necessary, causing targeted machines to slow dramatically from resource starvation. Long story short, the then Mr. Morris was caught, found guilty, and sentenced to probation and community service.
Today’s worms, however, feel no need to make themselves known, and their authors don’t want to be visible. The authors want the worms to do one thing only, and that is make money. Modern worm authors will use any underlying transport mechanism that is available, eschewing operating system and programming language religious barriers maintained by more orthodox hackers.