Abstract
A tapeworm is a parasite that lives inside the body of a bigger creature and sustains itself from its host’s resources. A software worm is a program that executes independently of other programs, replicates itself, and spreads through a network from computer to computer. A worm is a type of rogue software that resides in a host computer, but it is not a virus because it is not embedded in a host program. A worm propagates from host to host by exploiting a security hole or a vulnerability discovered by its creator. Section 3.4 shows how the Internet worm exploited security weaknesses in the finger and sendmail UNIX utilities. Section 2.11 describes a vulnerability in a decoder for jpeg images.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
CDC (2004) is http://www.cdc.gov/.
Code Red II (2001) “Code Red II: Another Worm Exploiting Buffer Overflow In IIS Indexing Service DLL,” CERT Incident Note IN-2001-09, Aug. 6. Available online at http://www.cert.org/incident_notes/IN-2001-09.html.
Cohen, Frederick B. (1994a) A Short Course on Computer Viruses, 2nd edition, New York, NY, John Wiley & Sons.
CVE (2001) is CVE-2001-0500, Buffer overflow in ISAPI extension, available online at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0500.
IIS (2004) is www.microsoft.com/iis.
IOCCC (2004) is http://www.ioccc.org/.
Network solutions (2004) is http://www.networksolutions.com/en_US/whois/index.jhtml.
OpenSSL (2004) is the OpenSSL project, located at http://www.openssl.org.
Rochlis, J., and M. Eichin (1989) “With Microscope and Tweezers: The Worm from MIT’s Perspective,” Communications of the ACM, 32(6):689– 698, June.
Shoch, John and Jon Hupp (1982) “The Worm Programs—Early Experience With a Distributed Computation,” Communications of the ACM, 25(3)172– 180. Reprinted in [Denning 90].
Staniford, Stuart, Vern Paxson, and Nicholas Weaver (2002) “How to Own the Internet in Your Spare Time,” Proceedings of the 11th USENIX Security Symposium (Security ’02). Available online at http://www.icir.org/vern/papers/cdc-usenix-sec02/index.html.
Virus bulletin (2005) Virus Bulletin: The International Publication on Computer Virus Prevention, Recognition, and Removal. Available online at http://www.virusbtn.com/magazine/.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
Copyright information
© 2010 Springer London
About this chapter
Cite this chapter
Salomon, D. (2010). Worms. In: Elements of Computer Security. Undergraduate Topics in Computer Science. Springer, London. https://doi.org/10.1007/978-0-85729-006-9_3
Download citation
DOI: https://doi.org/10.1007/978-0-85729-006-9_3
Published:
Publisher Name: Springer, London
Print ISBN: 978-0-85729-005-2
Online ISBN: 978-0-85729-006-9
eBook Packages: Computer ScienceComputer Science (R0)