ARCHIVE: 'Phage List' - Archives (1988 - 1989)
DOCUMENT: phage #131 [Re: ernie.berkeley.edu] (1 message, 1334 bytes)
NOTICE: securitydigest.org recognises the rights of all third-party works.
START OF DOCUMENT
From: Thomas Narten <narten>
Date: Mon 19:56:38 07/11/1988 EST
Subject: Re: ernie.berkeley.edu
References: [Thread Prev: 129] [Thread Next: 196] [Message Prev: 407] [Message Next: 405]
> ... Why is the internet address of ernie.berkeley.edu > hardcoded into the virus? >No one knows. Further info from Monday's NYT: "friends of the young computer expert, including Paul Graham, a computer science graduate student at Harvard University, said the program was first disseminated from a computer at MIT's AI lab while its author, using remote control, sat at his computer at Cornell in Ithaca, NY .... Mr Graham said that the Morris virus program also had a mechanism that was intended to conceal its point of origin further. All copies that the program made of itself were to send messages regularly identifying their location to a computer at UC Berkeley, which would imply that this was where the virus program originated. Mr. Morris left for dinner immediately after letting the program loose in the network, intending to go to bed afterward, friends said. However, after eating, he could not resist returning to his computer to determine the progress of his program, which had been intended to live secretly in the Arpanet. Friends said that to his horror he found that because of a design error the program had reproduced itself so widely that it had already overloaded the network, and he himself had trouble gaining access to remote computers so as to monitor or stop the program's progress. Mr. Morris then telephoned another friend, at Harvard's Aiken Laboratory, and asked him to send out an alert over the Arpanet along with instructions on how to disable the virus. That person sent a terse message in technical language explaining how to stop the virus from spreading but ending with the comment: 'Hope this helps, but more, I hope it is a hoax'. Unfortunately, the message went to a abscure electronic bulletin board; in any case the network was by then so overloaded that few computer sites received it". The message (appended) was sent to the tcp-ip list. Other interesting comments about the sendmail hole: "Eric Allman, a computer programmer who designed the mail program that Morris exploited, said yesterday that he created the back door to allow him to fine tune the program on a machine that an overzealous administrator would not give him access to. He said that he forgot to remove the entry point before the program was widely distributed in 1985."
END OF DOCUMENT
|ISSN 1742-948X 01 (Online) | 2005/03/01 | Copyright 2002-2008 securitydigest.org. All rights reserved.|