(also internet worm of November 2, 1988)
Morris worm definition
The Morris worm is one of the oldest internet computer worms. It was created by Robert Tappan Morris, who was a Cornell University student at the time. Robert Morris launched the Morris worm from the MIT network on November 2, 1988, as a ploy to trick people into thinking that the creator was a student there and not at Cornell. The purpose of the Morris worm was to see whether the computers that existed then could be exposed to a self-replicating computer program, now known as a worm.
The Morris worm resulted in around 6,000 machines being depleted of their resources because of the worm, causing them to shut down and become inoperable. And while it was a shocking and frightening experience back then, worms have become a regular and even expected occurrence. In essence, the Morris worm functioned as a denial-of-service or DoS attack. It focused on exploiting weak passwords, contained 900 passwords, and used names of account holders to conduct brute-force attacks, occupying a machine’s resources until it could not function anymore.
Vulnerabilities the Morris worm exploited
- A loophole in the Unix sendmail program’s debug mode.
- A buffer overflow in the finger network service.
- The trust between people that set up network logins with no password requirements.