Difference between revisions of "Worm"
(Moderately complete) |
(Spreading method) |
||
| Line 1: | Line 1: | ||
| − | A '''worm''' is a form of [[malware]] - the earliest form conceived in the abstract, actually. In theory, a worm is not ''necessarily'' harmful (and, in fact, the first actual | + | A '''worm''' is a form of [[malware]] - the earliest form conceived in the abstract, actually. In theory, a worm is not ''necessarily'' harmful (and, in fact, one of the first actual worms was intended to be beneficial - see below). |
| − | It differs from [[virus]]es in that a virus is an addition to an existing (usually harmless, and productive) piece of [[object code|binary]] [[software]], whereas a worm is a complete, independent, stand-alone binary [[program]]. Worms typically replicate themselves through a [[data network]]. | + | It differs from [[virus]]es in that a virus is an addition to an existing (usually harmless, and productive) piece of [[object code|binary]] [[software]], whereas a worm is a complete, independent, stand-alone binary [[program]]. Worms typically replicate themselves through a [[data network]], using security flaws in the target machines to gain access to them. |
| − | They were first hypothesized in John Brunner's 1975 novel, "The Shockwave Rider". Worm-like software existed fairly early once data networks existed, but the first serious work with actual worms was done at [[Xerox PARC]], in the late 1970's, on their in-house [[PARC Universal Packet|PUP]] [[internetwork|internet]]. One interesting incident was when an error (in copying or transmission) caused one to spread out of control, crashing machines that it spread to; most of the [[Xerox Alto|Altos]] in the building were left crashed as a result. | + | They were first hypothesized in John Brunner's 1975 novel, "The Shockwave Rider". Worm-like software existed fairly early once data networks existed (one early one was intended to wipe out a virus), but the first serious work with actual worms was done at [[Xerox PARC]], in the late 1970's, on their in-house [[PARC Universal Packet|PUP]] [[internetwork|internet]]. One interesting incident was when an error (in copying or transmission) caused one to spread out of control, crashing machines that it spread to; most of the [[Xerox Alto|Altos]] in the building were left crashed as a result. |
Those worms were mostly productive; the first widespread non-productive (although not actually destructive) worm was the so-called [[Morris worm]], released on the [[Internet]] in November, 1988. It spread through [[Sun-3]] systems, and [[VAX]] computers running [[BSD]] [[UNIX]]; it was mostly an un-intended [[DoS attack]], caused by its un-controlled replication. | Those worms were mostly productive; the first widespread non-productive (although not actually destructive) worm was the so-called [[Morris worm]], released on the [[Internet]] in November, 1988. It spread through [[Sun-3]] systems, and [[VAX]] computers running [[BSD]] [[UNIX]]; it was mostly an un-intended [[DoS attack]], caused by its un-controlled replication. | ||
Latest revision as of 13:23, 24 November 2024
A worm is a form of malware - the earliest form conceived in the abstract, actually. In theory, a worm is not necessarily harmful (and, in fact, one of the first actual worms was intended to be beneficial - see below).
It differs from viruses in that a virus is an addition to an existing (usually harmless, and productive) piece of binary software, whereas a worm is a complete, independent, stand-alone binary program. Worms typically replicate themselves through a data network, using security flaws in the target machines to gain access to them.
They were first hypothesized in John Brunner's 1975 novel, "The Shockwave Rider". Worm-like software existed fairly early once data networks existed (one early one was intended to wipe out a virus), but the first serious work with actual worms was done at Xerox PARC, in the late 1970's, on their in-house PUP internet. One interesting incident was when an error (in copying or transmission) caused one to spread out of control, crashing machines that it spread to; most of the Altos in the building were left crashed as a result.
Those worms were mostly productive; the first widespread non-productive (although not actually destructive) worm was the so-called Morris worm, released on the Internet in November, 1988. It spread through Sun-3 systems, and VAX computers running BSD UNIX; it was mostly an un-intended DoS attack, caused by its un-controlled replication.
External links
- John F. Shoch, Jon A. Hupp, The "Worm" Programs: Early Experience with a Distributed Computation, Communications of the ACM, Volume 25, Number 3, March 1982
- Eugene H. Spafford, The Internet Worm Incident Purdue Technical Report CSD-TR-933, September, 1991
- Eugene H. Spafford, The Internet Worm Program: An Analysis, Purdue Technical Report CSD-TR-823, November 1988
- Viruses, Worms, and Trojan Horses - a good but high-level overview
