Morris worm
|
The Morris worm or Internet worm was one of the first computer worms distributed via the Internet; it is considered the first worm virus and was certainly the first to gain significant mainstream media attention. It was written by a student at Cornell University, Robert Tappan Morris, Jr. (now an associate professor at MIT), and launched on November 2, 1988 from MIT.
Contents |
Architecture of the worm
The Morris worm was not written to cause damage but to spread; bugs in the code, however, caused it to be more damaging -- a computer could be infected multiple times and each additional process would slow the machine down to the point it would be unusable. The Morris worm worked by exploiting known vulnerabilities in Unix sendmail, fingerd, rsh/rexec and weak passwords. It could only infect DEC VAX machines running 4 BSD and Sun 3 systems.
Effects of the worm
It is usually reported that around 6,000 major Unix machines were infected by the Morris worm. Programmer Paul Graham has claimed that "I was there when [this statistic] was cooked up, and this was the recipe: someone guessed that there were about 60,000 computers attached to the Internet, and that the worm might have infected ten percent of them." [1] (http://www.paulgraham.com/submarine.html#f4n) The GAO put the cost of the damage at $10M - $100M. Robert Morris was tried and convicted of violating the 1986 Computer Fraud and Abuse Act (Title 18). After appeals he was sentenced to three years probation, 400 hours of community service, and a fine of $10,000.
CERT (the Computer Emergency Response Team) was created as a response to the Morris Worm.
The Morris worm has sometimes been referred to as the "Great Worm", because of the devastating effect it had upon the Internet at that time.
See also
External links
- An analysis of the worm by Eugene Spafford (http://protovision.textfiles.com/100/tr823.txt)
- The Morris Internet Worm by Charles Schmidt and Tom Darby (http://www.snowplow.org/tom/worm/worm.html)
- Helminthiasis of the Internet - RFC 1135, an analysis of the worm infestation.