• DocumentCode
    1065663
  • Title

    The spread of the Witty worm

  • Author

    Shannon, Colleen ; Moore, David

  • Author_Institution
    Cooperative Assoc. for Internet Data Anal., Univ. of California, San Diego, CA, USA
  • Volume
    2
  • Issue
    4
  • fYear
    2004
  • Firstpage
    46
  • Lastpage
    50
  • Abstract
    On Friday, 19 March 2004, at approximately 8:45 p.m. Pacific Standard Time (PST), an Internet worm began to spread, targeting a buffer overflow vulnerability in several Internet Security Systems (ISS) products, including its RealSecure Network, RealSecure Server Sensor, RealSecure Desktop, and BlackICE. The worm took advantage of a security flaw in these firewall applications that eEye Digital Security discovered earlier in March. Once the Witty worm - so called because its payload contained the phrase, "( , )insert witty message here ( , )" - infects a computer, it deletes a randomly chosen section of the hard drive, which, over time, renders the machine unusable. We share a global view of the worm\´s spread, with particular attention to its features.
  • Keywords
    Internet; invasive software; BlackICE; Internet Security Systems products; Internet worm; RealSecure Desktop; RealSecure Network; RealSecure Server Sensor; Witty worm; buffer overflow vulnerability; firewall applications; security flaw; Computer networks; Computer security; Computer worms; IP networks; Internet; Pathogens; Payloads; Privacy; Telecommunication traffic; Time sharing computer systems; 65; Internet worm; Witty worm;
  • fLanguage
    English
  • Journal_Title
    Security & Privacy, IEEE
  • Publisher
    ieee
  • ISSN
    1540-7993
  • Type

    jour

  • DOI
    10.1109/MSP.2004.59
  • Filename
    1324598
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1065663