Skip to main content

Home Morris worm

Morris worm

(also internet worm of November 2, 1988)

Morris worm definition

The Morris worm is one of the oldest internet computer worms. It was created by Robert Tappan Morris, who was a Cornell University student at the time. Robert Morris launched the Morris worm from the MIT network on November 2, 1988, as a ploy to trick people into thinking that the creator was a student there and not at Cornell. The purpose of the Morris worm was to see whether the computers that existed then could be exposed to a self-replicating computer program, now known as a worm.

The Morris worm resulted in around 6,000 machines being depleted of their resources because of the worm, causing them to shut down and become inoperable. And while it was a shocking and frightening experience back then, worms have become a regular and even expected occurrence. In essence, the Morris worm functioned as a denial-of-service or DoS attack. It focused on exploiting weak passwords, contained 900 passwords, and used names of account holders to conduct brute-force attacks, occupying a machine’s resources until it could not function anymore.

See also: password protection, computer worm

Vulnerabilities the Morris worm exploited

  • A loophole in the Unix sendmail program’s debug mode.
  • A buffer overflow in the finger network service.
  • The trust between people that set up network logins with no password requirements.