[TUHS] Happy birthday, Morris Worm!

A. P. Garcia a.phillip.garcia at gmail.com
Sat Nov 2 07:49:05 AEST 2019


On Fri, Nov 1, 2019, 4:37 PM Dave Horsfall <dave at horsfall.org> wrote:

> The infamous Morris Worm was released in 1988; making use of known
> vulnerabilities in Sendmail/finger/RSH (and weak passwords), it took out a
> metric shitload of SUN-3s and 4BSD Vaxen (the author claimed that it was
> accidental, but the idiot hadn't tested it on an isolated network first).
> A
> temporary "condom" was discovered by Rich Kulawiec with "mkdir /tmp/sh".
>
> Another fix was to move the C compiler elsewhere.
>
> -- Dave
>

One of my comp sci professors was a grad student at Cornell when this
happened. He shared a small office with Morris and some other students. He
said that he had to explain that he had absolutely nothing to do with it on
quite a few occasions.

Morris was caught partly because he used the Unix crypt command to encrypt
his source code. The command was a computer model of the Enigma machine,
and its output could be and indeed was cracked, after retrieving the
encrypted code from a backup tape.

It's interesting that the worm was quickly detected. The reason was that it
kept infecting the same machines, and as you referred to, it contained a
password cracker, which slowed those machines to a crawl because of the
multiple instances running.

>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://minnie.tuhs.org/pipermail/tuhs/attachments/20191101/91afb82d/attachment.html>


More information about the TUHS mailing list