The Morris worm was released on November 2nd, 1988 by Robert Tappan Morris. It was the first of computer worms to be distributed on the internet that would not work as planned.
Origins
As mentioned above, the worm virus was introduced to the world in 1988. It was developed by Morris, a Cornell grad student to understand how quickly a worm could spread. The findings revealed the point that the worm spread much faster than Morris originally expected. The results showed that the worm had ended up infecting systems – say around at least 10 percent of the internet. The impact proved major damages and widespread outages. Morris worm is also recognized as the internet worm or the great worm.
Morris Worm Architecture
Initially, Robert Tappan Morris designed the worm to gauge the size of the Internet and it wasn’t intended to cause any damage to the systems. The worm was introduced into the wild from MIT to highlight the point that its author studied there, however, Morris went onto become a tenured professor at MIT in 2006.
The Morris Worm worked by exploiting known vulnerabilities in Unix Sendmail, finger, and rsh/rexec, as well as weak passwords. Apparently, an unintended outgrowth of the code, caused it to be more damaging. Thereby, a machine could be poisoned numerous times and every extra process would decrease the machine performance speed, finally to the end state of being unusable.
On the other hand, this is similar to the fork bomb effect—crashing the machine several times. The DEC VAX machines running 4BSD, and Sun-3 systems were infected by the main body of the worm. A portable C “grappling hook” component was applied to download the main body parts, and the grappling hook could run on other systems, loading them down and making them peripheral victims.
The Morris Worm Big Blunder
The significant error that modified the worm from a possibly simple rational exercise into a destructive denial of service attack was in the spreading mechanism. The worm would have ascertained whether to attack a new machine by examining whether there was previously a copy running. However, administrators could just run a process that would answer “yes” when asked whether there was previously a copy, and the worm would stay away. The protection against Morris worm was encouraged by Michael Rabin’s mantra “Randomization”.
In order to support this probability, Morris conducted the worm to copy itself, even if the answer is “yes”, 1 out of 7 times. This level of duplication demonstrated to be unreasonable, and the worm simply spread quickly, affecting some machines multiple times. Rabin said that Morris “should have tried it on a simulator first”.
Morris Worm Aftermath
It was reported that around 6,000 major UNIX machines were infected by the Morris worm. Clifford Stoll, who helped fight the worm, wrote in 1989, “I surveyed the network, and found that two thousand computers were infected within fifteen hours. These machines were dead in the water—useless until disinfected. And removing the virus often took two days.” The cost of the damage was estimated at $100,000–10,000,000 by the U.S. Government Accountability Office.
How to get rid of such viruses?
Virus attacks have become very common these days, it is advisable to have an antivirus software installed on your computer to stay safe from virus attacks. When your computer is infected, it requires a best virus removal to get back to the normal state. Thereby, it is important to have a virus protection in place to ward off such issues. Install the Comodo antivirus software and stay rest assured. For more details visit our official page.
Related Resources