article

Free access

Crisis and aftermath

Author:

E. H. SpaffordAuthors Info & Claims

Communications of the ACM, Volume 32, Issue 6

Pages 678 - 687

https://doi.org/10.1145/63526.63527

Published: 01 June 1989 Publication History

PDF eReader

Abstract

Last November the Internet was infected with a worm program that eventually spread to thousands of machines, disrupting normal activities and Internet connectivity for many days. The following article examines just how this worm operated.

References

[1]

Allman, E. Sendmait--An internetwork mail router. University of California, Berkeley, (issued with the BSD UNIX documentation), 1983.]]

Google Scholar

[2]

Denning, P. The Internet worm. Amer. Sci. 77, 2 (Mar.-Apr. 1989}, 126-128.]]

Google Scholar

[3]

Eichen, M.W., and Rochlis, J.A. With microscope and tweezers: An analysis of the Internet virus of November 1988. In Proceedings of the Symposium on Research in Security and Privacy (May 1989}. IEEE-CS, Oakland, Calif.]]

Google Scholar

[4]

Grampp, F.T., and Morris, R.M. UNIX operating system security. AT&T Bell Laboratories Tech. J. 63, 8, part 2 (Oct. 1984}, 1649-1672.]]

Google Scholar

[5]

Harrenstien, K. Name/Finger. RFC 742, SRI Network Information Center, Dec. 1977.]]

Google Scholar

[6]

King, K.M. Overreaction to external attacks on computer systems could be more harmful than the viruses themselves. Chronicle of Higher Education (Nov. 23, 1988), A36.]]

Google Scholar

[7]

Kocher, B. A hygiene lesson. Commun. ACM 32, 1 (Jan. 1989), 3.]]

Digital Library

Google Scholar

[8]

Morris, R., and Thompson, K. UNIX password security. Commun. ACM 22, 11 (Nov. 1979), 594-597.]]

Digital Library

Google Scholar

[9]

Postel, J.B. Simple mail transfer protocol. RFC 821, SRI Network Information Center, Aug. 1982.]]

Digital Library

Google Scholar

[10]

Proceedings of the virus post-mortem meeting. National Computer Security Center, Ft. George Meade, MD, Nov. 8, 1988.]]

Google Scholar

[11]

Reid, B. Lessons from the UNIX breakins at Stanford. Software Engineering Notes 11, 5 (Oct. 1986), 29-35.]]

Digital Library

Google Scholar

[12]

Reid, B. Reflections on some recent widespread computer breakins. Commun. ACM 30, 2 (Feb. 1987}, 103-105.]]

Digital Library

Google Scholar

[13]

Ritchie, D.M. On the security of UNIX. In UNIX Supplementary Documents. AT&T, 1979.]]

Google Scholar

[14]

Royko, M. Here's how to stop computer vandals. Chicago Tribune, (Nov. 6, 1988).]]

Google Scholar

[15]

Seeley, D. A tour of the worm. In Proceedings of the 1989 Winter USENIX Conference. USENIX Association, San Diego, Calif., Feb. 1989.]]

Google Scholar

[16]

Spafford, E.H. The Internet worm program: An analysis. Computer Communication Review 19, 1 (Jan. 1989). Also issued as Purdue CS technical report TR-CSD-823.]]

Digital Library

Google Scholar

[17]

Spafford, E.H. Some musings on ethics and computer breakins. In Proceedings of the Winter USENIX Conference. USENIX Association, San Diego, Calif., Feb. 1989.]]

Google Scholar

[18]

Steiner, J., Neuman, C., and Schiller, J. Kerberos: An authentication service for open network systems. In Proceedings of the Winter USENIX Association Conference, Feb. 1988, pp. 191-202.]]

Google Scholar

[19]

Uncle Sam's anti-virus corps. UNIX Today!. (Jan. 23, 1989), 1o.]]

Google Scholar

Cited By

View all

Finn MShilton K(2023)Ethics governance development: The case of the Menlo ReportSocial Studies of Science10.1177/0306312723115170853:3(315-340)Online publication date: 19-Feb-2023
https://doi.org/10.1177/03063127231151708
Køien GØverlier L(2023)A Call for Mandatory Input Validation and Fuzz TestingWireless Personal Communications10.1007/s11277-023-10431-2Online publication date: 19-Apr-2023
https://doi.org/10.1007/s11277-023-10431-2
Miller BZhang MHeymann E(2022)The Relevance of Classic Fuzz Testing: Have We Solved This One?IEEE Transactions on Software Engineering10.1109/TSE.2020.304776648:6(2028-2039)Online publication date: 1-Jun-2022
https://doi.org/10.1109/TSE.2020.3047766
Show More Cited By

Index Terms

Crisis and aftermath
1. Security and privacy
2. Social and professional topics
  1. Computing / technology policy
    1. Computer crime
  2. Professional topics
    1. Computing profession
      1. Codes of ethics
    2. Management of computing and information systems

Recommendations

Analyzing the Aftermath of the McColo Shutdown
SAINT '09: Proceedings of the 2009 Ninth Annual International Symposium on Applications and the Internet

This paper examines how spam behavior was impacted by the shutdown of McColo, a service provider known for its lax security enforcement. Since the shutdown, a variety of sources have reported significant changes to global spam patterns. In an effort to ...
Crisis Management

Multiple recent disasters have put crisis management in the limelight. Consequently, many IT-related research efforts are under way to bring transformational changes to first responder and response organizations’ ability to contain and mitigate crises.
An Event-Driven Architecture for Fine Grained Intrusion Detection and Attack Aftermath Mitigation
ECBS '07: Proceedings of the 14th Annual IEEE International Conference and Workshops on the Engineering of Computer-Based Systems

In today's computing environment, unauthorized accesses and misuse of critical data can be catastrophic to personal users, businesses, emergency services, and even national defense and security. To protect computers from the ever-increasing threat of ...

Reviews

Reviewer: Thomas C. Richards

This paper contains a detailed analysis of the Internet worm incident, which occurred in November 1988. During the evening of November 2 the worm spread quickly to Sun 3 systems and VAX computers running 4 BSD UNIX. As time went on these machines became so loaded that they were unable to continue processing. Within several hours effective methods of stopping the invading program had been discovered. This paper contains a complete analysis of how the Internet worm operated and of the aftermath of its release. This includes how bugs in the fingerd and sendmail software in UNIX were exploited and how the attacker used common lists of passwords until a match was found. A detailed overview of how the worm program functioned is also presented. The author concludes his discussion with the moral, ethical, and legal issues related to this type of computer security breach.

Access critical reviews of Computing literature here

Become a reviewer for Computing Reviews.

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

Communications of the ACM Volume 32, Issue 6

June 1989

92 pages

ISSN:0001-0782

EISSN:1557-7317

DOI:10.1145/63526

Editor:
Peter J. Denning
NASA Ames Research Center, Moffett Field, CA

Issue’s Table of Contents

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 01 June 1989

Published in CACM Volume 32, Issue 6

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

154
Total Citations
View Citations
2,562
Total Downloads

Downloads (Last 12 months)179
Downloads (Last 6 weeks)7

Reflects downloads up to 16 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Finn MShilton K(2023)Ethics governance development: The case of the Menlo ReportSocial Studies of Science10.1177/0306312723115170853:3(315-340)Online publication date: 19-Feb-2023
https://doi.org/10.1177/03063127231151708
Køien GØverlier L(2023)A Call for Mandatory Input Validation and Fuzz TestingWireless Personal Communications10.1007/s11277-023-10431-2Online publication date: 19-Apr-2023
https://doi.org/10.1007/s11277-023-10431-2
Miller BZhang MHeymann E(2022)The Relevance of Classic Fuzz Testing: Have We Solved This One?IEEE Transactions on Software Engineering10.1109/TSE.2020.304776648:6(2028-2039)Online publication date: 1-Jun-2022
https://doi.org/10.1109/TSE.2020.3047766
Zhang PZhang Y(2021)A BAS Algorithm Based Neural Network for Intrusion Detection2021 11th International Conference on Intelligent Control and Information Processing (ICICIP)10.1109/ICICIP53388.2021.9642170(22-27)Online publication date: 3-Dec-2021
https://doi.org/10.1109/ICICIP53388.2021.9642170
Akrida EDeligkas AMelissourgos TSpirakis P(2021)Connected Subgraph Defense GamesAlgorithmica10.1007/s00453-021-00858-z83:11(3403-3431)Online publication date: 1-Nov-2021
https://dl.acm.org/doi/10.1007/s00453-021-00858-z
van Oorschot Pvan Oorschot P(2021)Malicious SoftwareComputer Security and the Internet10.1007/978-3-030-83411-1_7(183-211)Online publication date: 14-Oct-2021
https://doi.org/10.1007/978-3-030-83411-1_7
van Oorschot Pvan Oorschot P(2021)User Authentication—Passwords, Biometrics and AlternativesComputer Security and the Internet10.1007/978-3-030-83411-1_3(55-90)Online publication date: 14-Oct-2021
https://doi.org/10.1007/978-3-030-83411-1_3
Brumen B(2020)System-Assigned PasswordsInformatica10.15388/20-INFOR40831:3(459-479)Online publication date: 17-Apr-2020
https://dl.acm.org/doi/10.15388/20-INFOR408
Newhall T(2020)Trying to do it all in a single course: a surprisingly good idea2020 IEEE/ACM Workshop on Education for High-Performance Computing (EduHPC)10.1109/EduHPC51895.2020.00006(1-11)Online publication date: Nov-2020
https://doi.org/10.1109/EduHPC51895.2020.00006
Kumar PKumar ASahayakingsly CUdayakumar A(2020)Analysis of intrusion detection in cyber attacks using DEEP learning neural networksPeer-to-Peer Networking and Applications10.1007/s12083-020-00999-y14:4(2565-2584)Online publication date: 31-Oct-2020
https://doi.org/10.1007/s12083-020-00999-y
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Abstract

References

Cited By

Index Terms

Recommendations

Analyzing the Aftermath of the McColo Shutdown

Crisis Management

An Event-Driven Architecture for Fine Grained Intrusion Detection and Attack Aftermath Mitigation

Reviews

Access critical reviews of Computing literature here

Comments

Information

Published In

Publisher

Publication History

Permissions

Check for updates

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

PDF

eReader

Login options

Full Access

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations