Printer Friendly
The Free Library
14,529,145 articles and books
Member login
User name  
Password 
 
Join us Forgot password?

Worming into a computer's vulnerable core.


Worming into a computer's vulnerable core

Thousands of computer users last week learned a lesson in security when a sophisticated, rogue computer program infiltrated their systems, exploiting features largely meant to facilitate certain computer functions. The program, commonly termed a "virus" but more accurately described in computer jargon as a "worm," invaded more than 6,000 computers linked by ARPANET (Advanced Research Projects Agency NETwork) The research network funded by the U.S. Advanced Research Projects Agency (ARPA). The software was developed by Bolt, Beranek and Newman (BBN), and Honeywell 516 minicomputers were the first hardware used as  and other data communications data communications, application of telecommunications technology to the problem of transmitting data, especially to, from, or between computers. In popular usage, it is said that data communications make it possible for one computer to "talk" with another.  networks, disrupting computer operations at numerous universities and research centers.

The worm program was apparently concocted by Robert T. Morris Robert T. Morris - The creator of the "Internet Worm" that wreaked havoc on many Internet systems for a day or two.

Morris, the son of an NSA spook, did some jail time for releasing the worm.  Jr., a graduate student in computer science at Cornell University Cornell University, mainly at Ithaca, N.Y.; with land-grant, state, and private support; coeducational; chartered 1865, opened 1868. It was named for Ezra Cornell, who donated $500,000 and a tract of land. With the help of state senator Andrew D.  in Ithaca, N.Y. Released the night of Nov. 2, the program propagated itself rapidly using communications channels designed to permit the free flow of messages and data among researchers.

Unlike a computer virus, which usually consists of a small set of instructions that attaches itself to another program and then attempts to replicate, a worm is a self-contained computer program that enters by way of a communications channel and then generates its own commands. This particular worm, which actually consisted of a cluster of related computer programs, targeted computers that use an operating system operating system (OS)

Software that controls the operation of a computer, directs the input and output of data, keeps track of files, and controls the processing of computer programs.  known as Berkeley Unix Berkeley Unix - Berkeley Software Distribution  4.3.

Normally, in an electronic mail system, the sending computer opens a connection to another computer to which it wants to deliver a piece of mail, or message. Following a strict protocol, the receiving computer acknowledges the connection, approves the transfer and controls where the message goes.

The worm took advantage of a "trap door See trapdoor.

trap door - Or "trapdoor" 1. back door.

2. trap-door function ," an extra command in the protocol that provides information about how the delivery system is working and allows a user to fix any problems. The command also happens to turn off the automatic check that ensures a message is delivered to the right place.

That loophole allowed the infiltrator to send a short message directly to a program called a command interpreter Same as command processor.

(operating system) command interpreter - A program which reads textual commands from the user or from a file and executes them. Some commands may be executed directly within the interpreter itself (e.g.  instead of to a "mailbox," where the message would be stored. The message, in turn, contained just enough instructions to direct the command interpreter to open a new network connection back to the invading computer, which would then pass on the other programs in the package. The command interpreter treated these programs in the same way it would handle a legitimate program, proceeding to execute the given instructions.

Those instructions were designed to rummage through the infected computer's files in search of addresses of other likely targets for infiltration. "It was actually quite smart about how it looked for such places," says Daniel Nydick, a research systems programmer (1) In the IT department of a large organization, a technical expert on some or all of the computer's system software (operating systems, networks, DBMSs, etc.). They are responsible for the efficient performance of the computer systems.  at Carnegie Mellon University Carnegie Mellon University, at Pittsburgh, Pa.; est. 1967 through the merger of the Carnegie Institute of Technology (founded 1900, opened 1905) and the Mellon Institute of Industrial Research (founded 1913).  in Pittsburgh. For example, instead of checking the computer's lengthy main directory, it looked specifically for mail-forwarding information, going after computers on that list, or for special files listing trusted users who didn't have to use passwords. The worm could use the computer's ability to connect with a foreign machine without a password as a means of spreading the infection faster than by using the mail system. The worm included several other strategies for identifying potentially vulnerable targets and for invading other computers.

What made the infestation infestation /in·fes·ta·tion/ (-fes-ta´shun) parasitic attack or subsistence on the skin and/or its appendages, as by insects, mites, or ticks; sometimes used to denote parasitic invasion of the organs and tissues, as by helminths.  noticeable was that infected computers could become infected again and again, essentially slowing and clogging the computers. "We were warned that there was something going on when people noticed their machines were getting very slow and seemed to be very busy for no particular reason," Nydick says. "The machines that were hardest hit were those that were favorite places to send mail. It was very much like an automated chain letter."

The simple cure was to disconnect an infected computer from the network, shut it down and then start it up again. Because the worm was never stored permanently in a computer's memory, turning off the machine erased the invader. And because the invading program made no changes in any computer files, the computer could resume its usual operations as if nothing had happened. Programmers also had to modify the electronic mail program and the Berkeley Unix 4.3's other affected features to thwart future attacks, enabling network links to be made again.
COPYRIGHT 1988 Science Service, Inc.
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 1988, Gale Group. All rights reserved. Gale Group is a Thomson Corporation Company.

 Reader Opinion

Title:

Comment:



 

Article Details
Printer friendly Cite/link Email Feedback
Title Annotation:computer virus
Author:Peterson, Ivars
Publication:Science News
Date:Nov 12, 1988
Words:673
Previous Article:Subsea volcanoes found near Hawaii.
Next Article:High expectations for Voyager 2 at Neptune.
Topics:



Related Articles
Security Supplement.
Computer Parasitology.
Web worms: Code Red to Warhol.(Brief Article)
2001 anti virus review: Kaspersky Labs presents a year-end review of events taking place in anti-virus safety. (Security).
Keeping viruses at bay: with new internet viruses more insidious than ever; here's how districts can fight back.
Welchia offers insecurity--Kaspersky.(Security News)
Netsky-V worm slithers without email attachment.(Virus Notes)(Brief Article)
Virus activity for first six months of 2004.(Software Digest)(Illustration)
British teen sentenced for computer worm reports Sophos.(Security Products)(Brief Article)
New virus diguised as Saddam Hussein death.(Security)

Terms of use | Copyright © 2009 Farlex, Inc. | Feedback | For webmasters | Submit articles