Morris Worm To Turn 20 – How Far Things Have Come

The New Acunetix V12 Engine


Robert Tappan Morris is a character of Internet lore, anyone who has studied Computer Science, Software Engineering or Computer Security will have heard of this guy.

He’s pretty much the fellow that made the Internet famous (for all the wrong reasons) and the first creator of a bit of self-replicating network based malware (now known as a worm) that did some serious damage. The worm is called the Morris Worm after it’s creator and this Sunday will be it’s 20 year anniversary.

The Internet will mark an infamous anniversary on Sunday, when the Morris worm turns 20. Considered the first major attack on the ‘Net, the Morris worm served as a wake-up call to the Internet engineering community about the risk of software bugs, and it set the stage for network security to become a valid area of research and development.

“It was a really big deal,” says Eric Allman, a computer programmer who in 1981 authored sendmail, open source Internet e-mail software, while he was a student at the University of California at Berkeley. Today, Allman serves as chief science officer at Sendmail, a company that sells commercial-grade versions of the software.

“The biggest implication of the Morris worm was that the Internet was very small … and it was considered a friendly place, a clubhouse,” Allman says. “This [attack] made it clear that there were some people in that clubhouse who didn’t have the best interests of the world in mind … This made it clear we had to think about security.”

It was when the Internet first got into the mainstream media and was known to the general public, albeit it was for the wrong reason. But still I doubt anyone expected back then how dependant we would eventually become on the Internet.

Now if something like this went on and 10% of the Internet was down and seriously effected by a worm which caused denial of service….the whole World would be in turmoil.

It’d be chaos seriously!

The Morris worm was written by Cornell University student Robert Tappan Morris, who was later convicted of computer fraud for the incident. Today, Morris is a respected associate professor of computer science at MIT.

Launched around 6 p.m. on Nov. 2, 1988, the Morris worm disabled approximately 10% of all Internet-connected systems, which were estimated at more than 60,000 machines.

The Morris worm was a self-replicating program that exploited known weaknesses in common utilities including sendmail, which is e-mail routing software, and Finger, a tool that showed which users were logged on to the network.

The Morris worm was able to break into Sun 3 systems and Digital VAX computers running BSD Unix. The fast-spreading worm kept copying itself and infecting computers multiple times, causing many systems to fail.

It’s an interesting story to read if you are familiar with it and probably even more interesting if you’re not, so do check out the Wiki pages on the history of the situation.

There have been very few worms that have caused such widespread infection and failures. Blaster was quite memory and on the virus front I remember CIH was terrible.

Source: Network World

Posted in: Hacking News, Malware

, ,


Latest Posts:


Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.
testssl.sh - Test SSL Security Including Ciphers, Protocols & Detect Flaws testssl.sh – Test SSL Security Including Ciphers, Protocols & Detect Flaws
testssl.sh is a free command line tool to test SSL security, it checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.
Four Year Old libSSH Bug Leaves Servers Wide Open Four Year Old libssh Bug Leaves Servers Wide Open
A fairly serious 4-year old libssh bug has left servers vulnerable to remote compromise, fortunately, the attack surface isn't that big as neither OpenSSH or the GitHub implementation are affected.
CHIPSEC - Platform Security Assessment Framework CHIPSEC – Platform Security Assessment Framework For Firmware Hacking
CHIPSEC is a platform security assessment framework for PCs including hardware, system firmware (BIOS/UEFI), and platform components for firmware hacking.


6 Responses to Morris Worm To Turn 20 – How Far Things Have Come

  1. razta November 1, 2008 at 2:48 pm #

    Another great worm worth mentioning is ‘Code Red’ written by the Japanesse to attack the White House web server after an American spy plane ‘accidently’ collided with a Japanesse airforce fighter jet.

  2. goodpeople November 3, 2008 at 7:54 am #

    I allways tell my students about the Morris Worm. It’s one of those stories that brings back warm feelings about “the good old days”.

  3. razta November 3, 2008 at 5:54 pm #

    @goodpeople
    What do you teach? Where do you teach it? I myself am a computer security student.

  4. navin November 4, 2008 at 1:40 pm #

    @ razta
    me too…but as of now a fullon computer sciences student!! :)

  5. razta November 4, 2008 at 10:12 pm #

    @navin
    I was thinking of doing computer sciences, a few of my friends are taking that at university. I decided to take Ethical Hacking, not doing much hacking at the moment as its my first year. Mostly doing networking, programming, legal, ethics and computer forensics.

  6. Pantagruel November 5, 2008 at 10:09 am #

    The mother of all worms!

    And just like goodpeople mentioned, it oozes old skool feeling giving those of us who have experienced this worm a warm feeling.