Diemazz
Communes of the Isère departmentCharacter actor
1950 in the United Kingdom
Brittannia
white castle menu
Miura, Kanagawa
Kuzuoka Station
Canaules et Argentières
OTCBB
Cabinet of Spain
Category:Railway stations in Osaka Prefecture
Ülenurme Parish
Rayah
Rola Cola
Léthuin
Bb (digraph)
Category:Russian poetry
Maurice Blackburn
Egbert of Wessex
2142
Image:2064 aryabhata crp jpg
Wotan
Wa, Ghana
Newcastle, New Brunswick
Gus Envela, Jr
Tec de Monterrey
0465052975
Asymptotic giant branch
Arab Democratic Party (Lebanon)
MLB Power Pros 2008
Whitefield, Greater Manchester
WLBZ
YCbCr
Transportation economics
Bangaye, Manni
694
Template:Rocket families
Lunamon
alex trebek
Bishop of Dunwich (Anglican)
Roman the Great
Fight Club (disambiguation)
mao zedong
Roncello
Shane Fenton
Tournissan
1818 in architecture
Category:Madhhab
Green Flash
Sam Lee
Without the Communist Party, There Would Be No New China
Game Makers
Red Sorghum
Royal anthem
Template talk:Rhode Island
The Witty worm is a computer worm that attacks the firewall and other computer security products written by a particular company, Internet Security Systems (ISS) now IBM Internet Security Systems. It was the first worm to take advantage of vulnerabilities in the very pieces of software designed to enhance network security, and carried a destructive payload, unlike previous worms. It is so named because the phrase "(^.^) insert witty message here (^.^)" appears in the worm's payload.
The Witty worm incident was unique in that the worm spread very rapidly after announcement of the ISS vulnerability (a day later), and infected a much smaller and presumably harder-to-infect (because the administrators had taken security measures) host population than previous worms.
Contents |
Propagation
On 19 March 2004, the 'Witty' worm began infecting hosts connected to the Internet (and running the vulnerable ISS software) from a "seed" population, probably of previously compromised computers. Within a half-hour it infected 12,000 computers and was generating 90 Gb/s (gigabits per second) of UDP traffic.
Effect of worm
Once Witty infects a computer by exploiting a vulnerability in the ISS software packages (RealSecure Network, RealSecure Server Sensor, RealSecure Desktop, and BlackICE), it attempts to infect other computers using the same vulnerability.
Witty launches these attacks as fast as possible, attacking a pseudo-random subset of IP addresses as quickly as allowed by the computer's Internet connection. It repeats these attacks in groups of 20,000, alternately launching attacks and overwriting sections of the computer's hard disk(s).
References
- Shannon, Colleen and David Moore (2004). "The Spread of the Witty Worm". (Last updated June 21, 2005; Retrieved 14 November 2005.)
- Abhishek Kumar, Vern Paxson and Nicholas Weaver (2005). "Outwitting the Witty worm". (Last updated May 24, 2005; Retrieved 2 February 2006.)
External links
- ISS vulnerability announcement
- Witty Worm Analysis
- Analysis of the worm propagation by CAIDA
- Slashdot article
Site Map: RSS 2.0
Recent Searches:
Witty
Maqam
Category:Listings magazines
March 2000
Edward Heath
Lyndale, Minneapolis
Monologue
Edward Gibbon
VP8
OptimFROG
Related Pages:
"witty quotes"
"witty profiles"
"witty sayings"
"witty one liners"
"definition of witty"
"witty comebacks"
"witty remarks"
"witty comments"
"witty wings"
"witty wizard"