To: BUGTRAQ@netspace.org
Lest we forget, today was the 10th anniversary of the Internet Worm,
released by Robert Tappan Morris, Jr.
An article about it appears at http://www.msnbc.com/news/209745.asp
Morris was the first person to be tried under the Computer Fraud and Abuse
Act of 1986. His trial took place in Syracuse, NY (an hour or so north of
Cornell University). He was sentenced to 3 years of probation and also
paid a fine and did some community service. (Kevin Mitnick should be so
lucky!)
Morris' worm exploited three known but un-patched security holes:
- a hole in sendmail
- a hole in finger
- the use of .rhosts files
Estimates at the time were that around 6000 computers were infected.
Because the Internet (and Usenet) was virtually useless during the few
days the Worm was active, people working to eradicate the worm used BITNET
mailing lists to communicate.
One of the major outcomes of the Internet Worm was the formation of CERT.
At first, CERT was a non-profit affiliated with Carnegie Mellon
University. Later, CERT was semi-privatized and became a multi-tiered
membership organization.
-- gbn
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
Received on Wed Nov 4 10:05:19 1998