Real Incidents
In 1988, a hole in the debug mode for sendmail and a buffer overflow in the finger service allowed a worm to spread like wildfire across the Internet. Known as the “Robert Morris worm,” named after the author, it was released from MIT in order to disguise the fact that it was originally from Cornell. A bug in the program of the worm caused it to spread and reinfect systems at a much greater rate than anticipated, leading to many sites completely disconnecting themselves from the Internet. Robert T. Morris was later convicted of violating the Computer Fraud and Abuse Act and was sentenced to three years probation, a fine of $10,050, and 400 hours of community service.
In 1988, Clifford Stoll discovered an accounting error of 75 ...
Get Windows Forensics and Incident Recovery now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
