Though Morris say that he did not intend for the worm to be actively destructive, instead seeking to merely highlight the weaknesses present in many networks of the time, a consequence of Morris's coding resulted in the worm being more damaging and spreadable than originally planned. Morris's exploits became generally obsolete due to decommissioning rsh (normally disabled on untrusted networks), fixes to sendmail and finger, widespread network filtering, and improved awareness of weak passwords. The transitive trust enabled by people setting up network logins with no password requirements via remote execution (rexec) with Remote Shell (rsh), termed rexec/rsh.A buffer overflow or overrun hole in the finger network service.
0 Comments
Leave a Reply. |