31 October 2008 | 4,515 views

Morris Worm To Turn 20 – How Far Things Have Come

Check Your Web Security with Acunetix

Robert Tappan Morris is a character of Internet lore, anyone who has studied Computer Science, Software Engineering or Computer Security will have heard of this guy.

He’s pretty much the fellow that made the Internet famous (for all the wrong reasons) and the first creator of a bit of self-replicating network based malware (now known as a worm) that did some serious damage. The worm is called the Morris Worm after it’s creator and this Sunday will be it’s 20 year anniversary.

The Internet will mark an infamous anniversary on Sunday, when the Morris worm turns 20. Considered the first major attack on the ‘Net, the Morris worm served as a wake-up call to the Internet engineering community about the risk of software bugs, and it set the stage for network security to become a valid area of research and development.

“It was a really big deal,” says Eric Allman, a computer programmer who in 1981 authored sendmail, open source Internet e-mail software, while he was a student at the University of California at Berkeley. Today, Allman serves as chief science officer at Sendmail, a company that sells commercial-grade versions of the software.

“The biggest implication of the Morris worm was that the Internet was very small … and it was considered a friendly place, a clubhouse,” Allman says. “This [attack] made it clear that there were some people in that clubhouse who didn’t have the best interests of the world in mind … This made it clear we had to think about security.”

It was when the Internet first got into the mainstream media and was known to the general public, albeit it was for the wrong reason. But still I doubt anyone expected back then how dependant we would eventually become on the Internet.

Now if something like this went on and 10% of the Internet was down and seriously effected by a worm which caused denial of service….the whole World would be in turmoil.

It’d be chaos seriously!

The Morris worm was written by Cornell University student Robert Tappan Morris, who was later convicted of computer fraud for the incident. Today, Morris is a respected associate professor of computer science at MIT.

Launched around 6 p.m. on Nov. 2, 1988, the Morris worm disabled approximately 10% of all Internet-connected systems, which were estimated at more than 60,000 machines.

The Morris worm was a self-replicating program that exploited known weaknesses in common utilities including sendmail, which is e-mail routing software, and Finger, a tool that showed which users were logged on to the network.

The Morris worm was able to break into Sun 3 systems and Digital VAX computers running BSD Unix. The fast-spreading worm kept copying itself and infecting computers multiple times, causing many systems to fail.

It’s an interesting story to read if you are familiar with it and probably even more interesting if you’re not, so do check out the Wiki pages on the history of the situation.

There have been very few worms that have caused such widespread infection and failures. Blaster was quite memory and on the virus front I remember CIH was terrible.

Source: Network World



Recent in General Hacking:
- Dradis v2.9 – Information Sharing For Security Assessments
- MagicTree v1.3 Available For Download – Pentesting Productivity
- Kvasir – Penetration Testing Data Management Tool

Related Posts:
- New MSN Worm Hitting Users – BlackAngel.B
- New MySpace and Facebook Worm Target Social Networks
- Email Worm Spreading Like Wildfire – W32.Imsolk/VBMania Variant

Most Read in General Hacking:
- 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery) - 1,137,397 views
- Hack Tools/Exploits - 581,274 views
- Password Cracking with Rainbowcrack and Rainbow Tables - 414,209 views

Low-cost VPS Hosting

6 Responses to “Morris Worm To Turn 20 – How Far Things Have Come”

  1. razta 1 November 2008 at 2:48 pm Permalink

    Another great worm worth mentioning is ‘Code Red’ written by the Japanesse to attack the White House web server after an American spy plane ‘accidently’ collided with a Japanesse airforce fighter jet.

  2. goodpeople 3 November 2008 at 7:54 am Permalink

    I allways tell my students about the Morris Worm. It’s one of those stories that brings back warm feelings about “the good old days”.

  3. razta 3 November 2008 at 5:54 pm Permalink

    @goodpeople
    What do you teach? Where do you teach it? I myself am a computer security student.

  4. navin 4 November 2008 at 1:40 pm Permalink

    @ razta
    me too…but as of now a fullon computer sciences student!! :)

  5. razta 4 November 2008 at 10:12 pm Permalink

    @navin
    I was thinking of doing computer sciences, a few of my friends are taking that at university. I decided to take Ethical Hacking, not doing much hacking at the moment as its my first year. Mostly doing networking, programming, legal, ethics and computer forensics.

  6. Pantagruel 5 November 2008 at 10:09 am Permalink

    The mother of all worms!

    And just like goodpeople mentioned, it oozes old skool feeling giving those of us who have experienced this worm a warm feeling.