A tapeworm is a parasite that lives inside the body of a bigger creature and sustains itself from its host’s resources. A software worm is a program that executes independently of other programs, replicates itself, and spreads through a network from computer to computer. A worm is a type of rogue software that resides in a host computer, but it is not a virus because it is not embedded in a host program. A worm propagates from host to host by exploiting a security hole or a vulnerability discovered by its creator. Section 3.4 shows how the Internet worm exploited security weaknesses in the finger and sendmail UNIX utilities. Section 2.11 describes a vulnerability in a decoder for jpeg images.
KeywordsWorm Propagation Address Book Security Hole Internet Worm Infected Computer
Unable to display preview. Download preview PDF.
- CDC (2004) is http://www.cdc.gov/.
- Code Red II (2001) “Code Red II: Another Worm Exploiting Buffer Overflow In IIS Indexing Service DLL,” CERT Incident Note IN-2001-09, Aug. 6. Available online at http://www.cert.org/incident_notes/IN-2001-09.html.
- CVE (2001) is CVE-2001-0500, Buffer overflow in ISAPI extension, available online at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0500.
- IIS (2004) is www.microsoft.com/iis.
- IOCCC (2004) is http://www.ioccc.org/.
- Network solutions (2004) is http://www.networksolutions.com/en_US/whois/index.jhtml.
- OpenSSL (2004) is the OpenSSL project, located at http://www.openssl.org.
- Staniford, Stuart, Vern Paxson, and Nicholas Weaver (2002) “How to Own the Internet in Your Spare Time,” Proceedings of the 11th USENIX Security Symposium (Security ’02). Available online at http://www.icir.org/vern/papers/cdc-usenix-sec02/index.html.
- Virus bulletin (2005) Virus Bulletin: The International Publication on Computer Virus Prevention, Recognition, and Removal. Available online at http://www.virusbtn.com/magazine/.