[TUHS] Happy birthday, Morris Worm!

arnold at skeeve.com arnold at skeeve.com
Thu Nov 2 18:18:23 AEST 2017


Dave Horsfall <dave at horsfall.org> wrote:

> The infamous Morris Worm was released in 1988; making use of known 
> vulnerabilities in Sendmail/finger/RSH (and weak passwords), it took out a 
> metric shitload of SUN-3s and 4BSD Vaxen (the author claimed that it was 
> accidental, but the idiot hadn't tested it on an isolated network first). 
> A temporary "condom" was discovered by Rich Kulawiec with "mkdir /tmp/sh".
>
> -- 
> Dave Horsfall DTM (VK2KFU)  "Those who don't understand security will suffer."

I was a sysadmin at the time at Emory U's computing center. We were very
fortunate to have the worm bypass us, since we were running a sendmail.cf
file that I had written (from scratch!) instead of the standard one.

(It was written using Ease, a preprocessor for sendmail.cf files. It
took me a long time to write and test.  I have, fortunately, literally,
forgotten more about sendmail than most people ever know. :-)

Anyway, I came in that Monday morning to business as usual, only to
hear about the chaos happening in the rest of the Unix world. :-)

I am sure, now, that I totally didn't understand then how really
lucky we were.

Arnold


More information about the TUHS mailing list