Author_Institution :
Cooperative Assoc. for Internet Data Anal., Univ. of California, San Diego, CA, USA
Abstract :
On Friday, 19 March 2004, at approximately 8:45 p.m. Pacific Standard Time (PST), an Internet worm began to spread, targeting a buffer overflow vulnerability in several Internet Security Systems (ISS) products, including its RealSecure Network, RealSecure Server Sensor, RealSecure Desktop, and BlackICE. The worm took advantage of a security flaw in these firewall applications that eEye Digital Security discovered earlier in March. Once the Witty worm - so called because its payload contained the phrase, "( , )insert witty message here ( , )" - infects a computer, it deletes a randomly chosen section of the hard drive, which, over time, renders the machine unusable. We share a global view of the worm\´s spread, with particular attention to its features.
Keywords :
Internet; invasive software; BlackICE; Internet Security Systems products; Internet worm; RealSecure Desktop; RealSecure Network; RealSecure Server Sensor; Witty worm; buffer overflow vulnerability; firewall applications; security flaw; Computer networks; Computer security; Computer worms; IP networks; Internet; Pathogens; Payloads; Privacy; Telecommunication traffic; Time sharing computer systems; 65; Internet worm; Witty worm;
