Back to Recollections
Advanced
1988
The Morris Worm
Target: The Early Internet (ARPANET)
Impact: 10% of Internet Disabled
Operational Briefing
Return to the dawn of cyber warfare. Analyze the first worm released on the Internet.
The Full Story
The Morris Worm was the first computer worm distributed via the Internet. Written by Robert Tappan Morris, it was intended to gauge the size of the internet but a bug caused it to replicate excessively, DoS-ing machines.
Technical Analysis
Vectors
- sendmail: Exploited debug mode in sendmail.
- fingerd: Exploited a buffer overflow in the finger daemon.
- rsh/rexec: Guessing weak passwords to gain access via trusted hosts.
Available Modes
Offensive
Replicate the attack vector
Defensive
Harden systems & patch
Analysis
Forensic investigation
Event Timeline
Nov 2, 1988
Worm released from MIT.
Nov 3, 1988
Worm clogs 10% of connected machines.
1989
Morris becomes first person convicted under CFAA.
#Worm#Buffer Overflow#History