356lecture09

To other systems sends itself as an attachment via an

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: le sharing remote execution capability remote file access or transfer capability remote login capability •  worm e-mails a copy of itself to other systems •  sends itself as an attachment via an instant message service •  creates a copy of itself or infects a file as a virus on removable media •  worm executes a copy of itself on another system •  worm uses a remote file access or transfer service to copy itself from one system to the other •  worm logs onto a remote system as a user and then uses commands to copy itself from one system to the other Worm Propagation Model Morris Worm •  earliest significant worm infection •  released by Robert Morris in 1988 •  designed to spread on UNIX systems –  attempted to crack local password file to use login/ password to logon to other systems –  exploited a bug in the finger protocol which reports the whereabouts of a remote user –  exploited a trapdoor in the debug option of the remote process that receives and sends mail •  successful attacks achieved communication with the operating system command interpreter –  sent interpreter a bootstrap program to copy worm over Recent Worm Attacks Melissa 1998 e- mail worm first to include virus, worm and Trojan in one package Code Red July 2001 exploited Microsoft IIS bug probes random IP addresses consumes significant Internet capacity when active Code Red II A...
View Full Document

This note was uploaded on 02/11/2014 for the course CS 356 taught by Professor Danmassey during the Spring '13 term at Colorado State.

Ask a homework question - tutors are online