Morris_Worm_introduction_and_Analysis_.pptx

YuChianWu1 24 views 14 slides Jun 10, 2024

About This Presentation

morris worm


Slide Content

Morris Worm by ycwu0509

Introduction
The Morris Worm, released by Robert Tappan Morris on November 2, 1988, was one of the first computer worms to spread extensively on the Internet. While its intent was not destructive, a design flaw caused it to replicate excessively, leading to significant disruptions.

Introduction
Purpose: Estimate the size of the internet at the time.
Impact:
  The worm caused numerous systems to become overloaded and cease functioning.
  Prompted rapid development and reassessment of network security measures.

Operation Flow
Initialization: Includes setting up network interfaces and loading encryption functions. (worm.c, net.c)
Self-Replication: The worm replicates itself to other hosts. (worm.c, x8113550.c)
Password Cracking: Uses dictionary attacks and common passwords to crack accounts on the target system. (cracksome.c)
Remote Execution: Executes itself on other systems through remote execution services. (worm.c, x8113550.c)
Cleanup: Cleans up the host list and keeps the program running continuously. (hs.c)

worm.c Key Functions and Features
Main logic of the worm program, including initialization, main loop, and functions for communicating with other copies.
Key Functions:
  main(): Initializes screen, forks process, sets up network connections.
  xread(): Read function with timeout.
  try_rsh_and_mail(): Tries to spread the worm via rsh and email.
  fork_rsh(): Helper function to execute rsh commands on remote host.
  test_connection(): Tests connection to remote host.
Features:
  Handles the worm's self-replication and communication with other hosts.

worm.h Key Functions and Features
Contains global variables and structure definitions essential for the worm's operation.
Defines magic numbers and external variable declarations necessary for worm identification and communication.

wormdes.c Key Functions and Features
Contains the encryption functions used by the worm program, which are optimized versions of the traditional UNIX encryption algorithm.
Key Functions:
  Optimized DES encryption functions.
Features:
  Enhanced performance for faster encryption and decryption, crucial for cracking passwords efficiently.

x8113550.c Key Functions and Features
Responsible for receiving files from a remote host and executing them on the local system.
Includes logic for establishing connections to the remote host and managing file transfers.
Key Functions:
  connect(): Establishes a connection to the remote host.
  xread(): Reads data from the socket.
Features:
  Manages the file transfer and execution, critical for the worm's propagation.

stubs.c Key Functions and Features
Contains placeholder implementations of basic functions.
Key Functions:
  crypt(): Placeholder for password encryption function.
  h_addr2host(): Placeholder for address to hostname resolution function.
  h_name2host(): Placeholder for hostname to address resolution function.
Features:
  Provides dummy implementations to satisfy linking requirements.

cracksome.c Key Functions and Features
Contains the password cracking strategies and logic, including trying common passwords, username variations, and dictionary attacks.
Key Functions:
  cracksome(): Cracks passwords based on different strategies.
  strat_0(): Looks for new hosts in /etc/hosts.equiv and /.rhosts.
  strat_1(): Tries simple usernames and reversed usernames as passwords.
  try_words(): Tries predefined word list as passwords.
  dict_words(): Reads words from dictionary and tries as passwords.
Features:
  Implements multiple strategies for password cracking, enhancing the worm's ability to penetrate systems.
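
The guess categories listed for cracksome.c map directly onto a password-acceptance check that a system can run when a user sets a password. The following is an added example, not code from the worm or from the original slides; check_password(), the weak_reason enum and the three-word SAMPLE_WORDS list are hypothetical names and constructed data.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample list; a real check would load a site-maintained word list. */
static const char *const SAMPLE_WORDS[] = { "password", "guest", "secret" };

enum weak_reason { PW_OK = 0, PW_IS_USERNAME, PW_IS_REVERSED_USERNAME, PW_IN_WORDLIST };

/* Case-insensitive equality, so "Alice" is still caught for user "alice". */
static int eq_nocase(const char *a, const char *b)
{
    for (; *a && *b; a++, b++)
        if (tolower((unsigned char)*a) != tolower((unsigned char)*b))
            return 0;
    return *a == *b;            /* equal only if both strings ended together */
}

/* Case-insensitive comparison of pw against user read backwards. */
static int eq_reversed_nocase(const char *pw, const char *user)
{
    size_t n = strlen(user);
    if (strlen(pw) != n)
        return 0;
    for (size_t i = 0; i < n; i++)
        if (tolower((unsigned char)pw[i]) != tolower((unsigned char)user[n - 1 - i]))
            return 0;
    return 1;
}

/* Reject candidates that fall into the guess categories named on the slide. */
enum weak_reason check_password(const char *user, const char *pw)
{
    if (eq_nocase(pw, user))
        return PW_IS_USERNAME;
    if (eq_reversed_nocase(pw, user))
        return PW_IS_REVERSED_USERNAME;
    for (size_t i = 0; i < sizeof SAMPLE_WORDS / sizeof SAMPLE_WORDS[0]; i++)
        if (eq_nocase(pw, SAMPLE_WORDS[i]))
            return PW_IN_WORDLIST;
    return PW_OK;
}

int main(void)
{
    printf("%d\n", check_password("alice", "ecilA"));
    return 0;
}
```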

net.c Key Functions and Features
Contains functions related to network initialization and configuration, including initialization of network interfaces, setting default netmasks, and initializing the routing table.
Key Functions:
  if_init(): Initializes network interfaces.
  def_netmask(): Returns default subnet mask based on network address.
  netmaskfor(): Returns subnet mask for a specific address.
  rt_init(): Initializes routing table.
  getaddrs(): Gets host addresses.
Features:
  Sets up networking components essential for worm's communication and propagation.

hs.c Key Functions and Features
Contains various functions for managing host lists, gateway checks, and attempting connections to remote hosts.
Key Functions:
  h_clean(): Cleans up uncontacted hosts from the host list.
  hg(): Searches for reachable gateways.
  ha(): Scans host addresses.
  hi(): Attempts to contact hosts.
  hi_84(): Scans and attempts connections based on address masks.
Features:
  Manages the network traversal and ensures the worm can reach as many hosts as possible.

makefile Key Functions and Features
Defines how to compile and package the C source files, including compile options, dependencies, clean commands, and generating tag files.
Key Features:
  Streamlines the build process and ensures all necessary components are compiled and linked correctly.

Conclusion
The release of the Morris Worm exposed numerous vulnerabilities in network security. This analysis provides a detailed understanding of its mechanisms and operations.