2 Nov
2017
2 Nov
'17
12:15 a.m.
On 11/1/17, Dave Horsfall <dave(a)horsfall.org> wrote:
The infamous Morris Worm was released in 1988; making
use of known
vulnerabilities in Sendmail/finger/RSH (and weak passwords), it took out a
metric shitload of SUN-3s and 4BSD Vaxen (the author claimed that it was
accidental, but the idiot hadn't tested it on an isolated network first).
Back in 1980 I accidentally took down DEC's internal network with a
worm that was a VMS DCL script that did a SHOW NETWORK command to
display the adjacent nodes, then copied itself to each node in turn
and executed the copy. It was intended to walk the network to provide
me with the raw information to draw up a network topology map. The
bug was that I forgot network adjacency is commutative--there was
nothing to prevent it from running on nodes where it had been before.
Robert Morris had been an intern at DEC in the compiler group, and he
had been told about my embarrassing worm command procedure. I've
always wondered if my mistake was his inspiration.
-Paul W.