What were you doing 25 years ago (yesterday)?
Until I noticed Larry Seltzer's story over on zdnet.com[1], I had forgotten the exact date, but I vividly remember taking my systems offline and having to rely on the telephone (horror!) to get information from some of my colleagues on what was happening. 25 years ago yesterday, the first significant internet worm, the infamous Morris worm, hit. One of the major results of the worm and the realization that system/network administrators and those of us who were concerned with their security needed better ways to gather and disseminate information about what we now call malware. The original CERT was created at CMU. Until SQL Slammer came along (almost 15 years later), this was probably the fastest spreading worm to hit the (much smaller in 1988) internet. These days, we don't seem to see nearly as many worms as we used to, the bad guys use other, more subtle, techniques to spread their malware, but 25 years ago yesterday, was a pretty significant one for our profession. If any of our readers were working in the industry at the time, share your thoughts in the comments.
[1] http://www.zdnet.com/the-morris-worm-internet-malware-turns-25-7000022740/
---------------
Jim Clausing, GIAC GSE #26
jclausing --at-- isc [dot] sans (dot) edu
LINUX Incident Response and Threat Hunting | Online | Japan Standard Time | Oct 21st - Oct 26th 2024 |
Comments
http://www.amazon.com/The-Cuckoos-Egg-Tracking-Espionage/dp/1416507787/ref=sr_sp-atf_title_1_1?ie=UTF8&qid=1383516705&sr=8-1&keywords=cuckoos+egg
Anonymous
Nov 3rd 2013
1 decade ago
Anonymous
Nov 4th 2013
1 decade ago
By 1996 the migration to Windows from Wang VS was almost complete. Everyone was getting used to Microsoft Word and most of the custom applications had been rewritten in C or Pascal for Windows. It was a refreshing, new start and everyone loved the wallpapers (coffee-cup) and the "millions of colors" they now had with VGA compared to their old and dusty one-color green screen terminals. Everything about the migration seemed like a success.
And then the phones started ringing... approximately 5 times more than they used to. We had to rename our "computer center" to the "helpdesk". And when we realized what we had done, we quietly said goodbye to the reliable and trustworthy days of the mainframe. Sure, everyone had millions of colors and nice wallpapers but they also had a new number memorized... the helpdesk. And the call volume never died down. Just when you thought it did, a new version of Windows or Word was released which re-started the troubleshooting cycle. A cycle that continues in countless agencies and corporations today. 20 years later, terms like "patch Tuesday" and "hotfix" are common and even seem normal to anyone who is in IT.
I still remember when the migration was over and the old Wang VS mainframe, along with many of its green screen terminals, had been moved into a cold and dark storage room. When I opened the storage room door, they looked up and asked, "What did we do wrong"? I looked down and couldn't answer... I couldn't answer because I didn't have an answer. I left and shut the storage room door feeling like I had betrayed a best friend. I can only hope that they have forgiven me...
Anonymous
Nov 4th 2013
1 decade ago
Anonymous
Nov 4th 2013
1 decade ago
After installing cops all over the place (remember cops?) I proceeded to setup a password cracker to see just how bad our users' passwords were. The results were pretty discouraging (imagine the fun of a CS major telling the head of the CS department that the first name of his son was a pretty dumb password, and a few days later telling him that adding a number to the end of the name wouldn't cut it either - grin).
And since the default password was the last 4 digits of the owner's social security number (ah, the good ol' days when any ol' default was "good enough"), I made a dictionary containing "0000-9999" and restarted the password cracker and promptly had cracked over 70% of all the accounts. That was my welcome to the world of IT and trying to get users to do "the right thing" (tm) and having to do stuff like replacing the passwd command with one that required stronger passwords and automatically expiring accounts with old/default passwords because users apparently couldn't be trusted to do "the right thing" (tm). (sigh)
Anonymous
Nov 4th 2013
1 decade ago
Anonymous
Nov 4th 2013
1 decade ago
Anonymous
Nov 5th 2013
1 decade ago
He didn't volunteer too much about his nephew.
--BC
Anonymous
Nov 6th 2013
1 decade ago