Witty worm flaws reveal source, initial targets
Robert Lemos writes in SecurityFocus:
The Witty worm, which infected more than 12,000 servers a year ago, came from a single computer in Europe and used a U.S. military base's vulnerable systems to kick-start the epidemic, according to an analysis released by three researchers this week.
The researchers combined records from the initial spread of the Witty worm along with an analysis of the random number generator used by the program to pick its targets and discovered that the worm almost certainly spread initially from a computer owned by a customer of a European Internet Service Provider. The analysis also found that about 10 percent of the Internet's addresses would not have been generated, thus infected, by the Witty worm and that 110 computers at a U.S. military base were likely among a "hit list" of systems that were targeted explicitly by the worm.
0 Comments:
Post a Comment
<< Home