How to 0wn the internet in your spare time

Proceedings of the 11th USENIX Security Symposium

Volumn , Issue , 2002, Pages

  Staniford, Stuart ^a   Paxson, Vern ^b,d   Weaver, Nicholas ^c  

^a Silicon Defense   (United States)

^b ICSI Center for Internet Research   (United States)

^c UNIVERSITY OF CALIFORNIA   (United States)

^d LAWRENCE BERKELEY NATIONAL LABORATORY   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

CODES (SYMBOLS); COMPUTER VIRUSES; DISEASE CONTROL; SCANNING; VIRUSES;

CENTER FOR DISEASE CONTROLS; CYBER SECURITY; DENIAL OF SERVICE; EMPIRICAL DATA; FLASH WORMS; INTERNET HOSTS; ROBUST MECHANISMS; SENSITIVE INFORMATIONS;

DENIAL-OF-SERVICE ATTACK;

EID: 85084162258     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (31)

1. [Bd02] Brilliant Digital Media. “Altnet—a vision for the future,” Apr. 2, 2002. http://www.brilliantdigital.com/content.asp?ID=779
2. [Br+00] Andrei Broder et al, “Graph structure in the web,” Proc. 9th International World Wide Web Conference, pp. 309–320, 2000. http://www9.org/w9cdrom/160/160.html
3. [CSA00] Neal Cardwell, Stefan Savage, and Thomas Anderson, “Modeling TCP Latency,” Proc. INFOCOM, 2000.
4. [CDC02] Centers for Disease Control and Prevention, Jan. 2002. http://www.cdc.org
5. [CE01] CERT, “Code Red II: Another Worm Exploiting Buffer Overflow In IIS Indexing Service DLL,” Incident Note IN-2001-09, Aug. 6, 2001. http://www.cert.org/incident notes/IN-2001-09.html
6. [CE02] CERT, “CERT Incident Note IN-2001-15, W32/Goner Worm,” Incident Note IN-2001-15, Dec. 4, 2001. http://www.cert.org/ incident notes/IN-2001-15.html
7. [CE03] CERT, “CERT Incident Note IN-2001-11, sadmind/IIS Worm,” Incident Note IN-2001-11, May 8, 2001. http://www.cert.org/ incident notes/IN-2001-11.html
8. [CV01] Common Vulnerabilities and Exposures, “CVE-2001-0500,” Buffer overflow in ISAPI extension (idq.dll), Mar. 9, 2002. http://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2001-0500
9. [DA01] Das Bistro Project, 2001. http://www.dasbistro.com/default.ida
10. [Di99] David Dittrich, “The ‘stacheldraht’ distributed denial of service attack tool”, Dec. 31, 1999. http://staff.washington.edu/dittrich/misc/stacheldraht.analysis
11. [EDS01a] Eeye Digital Security, “.ida ‘Code Red’ Worm,” Advisory AL20010717, Jul. 17, 2001. http://www.eeye.com/html/Research/Advisories/AL20010717.html
12. [EDS01b] Eeye Digital Security, “Code Red Dis-assembly,” 2001. http://www.eeye.com/html/advisories/codered.zip
13. [EDS01c] Eeye Digital Security, “All versions of Microsoft Internet Information Services Remote buffer overflow,” AdvisoryAD20010618, Jun. 18, 2001. http://www.eeye.com/html/Research/Advisories/AD20010618.html
14. [ER89] Mark Eichin and Jon A. Rochlis, “With Microscope and Tweezers: An Analysis of the Internet Virus of November 1988,” Proc. 1989 IEEE Computer Society Symposium on Security and Privacy.
15. [Fa01] FastTrack — P2P Technology. KaZaA Media Desktop, Jan. 2002. http://www.fasttrack.nu/
16. [Ka01] KaZaA Media Desktop, Jan. 2002. http://www.kazaa.com/en/index.htm
17. [MSVS02] David Moore, Colleen Shannon, Geoffrey M. Voelker, and Stefan Savage, “Internet Quarantine: Limits on Blocking Self-Propagating Code,” work in progress, 2002.
18. [Mu01] Morpheus, Jan. 2002. http://www.musiccity.com/
19. [Ne02] Netcraft, “Netcraft Web Server Survey,” Jan. 2002. http://www.netcraft.com/survey/
20. [NCSB01] Landon Curt Noll, Simon Cooper, Peter Seebach, and Leonid Broukhis, The International Obfuscated C Code Contest, Jan. 2002. http://www.ioccc.org/
21. [OR93] J. Oikarinen and D. Reed, RFC 1459, Internet Relay Chat Protocol, May 1993.
22. [Op01] The OpenSSL Project, http://www.openssl.org/
23. [PV01] Romualdo Pastor-Satorras and Alessandro Vespignani, “Epidemic spreading in scale-free networks,” Physical Review Letters, 86(14), pp. 3200–3203, April 2, 2001.
24. [Pa92] Vern Paxson, 1992. http://www.ioccc.org/1992/vern.c
25. [Pa94] Vern Paxson, “Growth trends in wide-area TCP connections,” IEEE Network, 8(4), pp. 8–17, July 1994.
26. [Re02] The Register, “Old Morpheus still works for unhacked users,” http://www.theregister.co.uk/content/4/24445.html, Mar. 15, 2002.
27. [SA01] SANS, “Code Red (II),” August 7, 2001. http://www.incidents.org/react/code redII.php
28. [Sp89] Eugene Spafford, “An Analysis of the Internet Worm,” Proc. European Software Engineering Conference, pp. 446–468, Sep. 1989. Lecture Notes in Computer Science #387, Springer-Verlag.
29. [Sy00] Symantic, “Symantic Security Response: W32.Sonic.Worm,” Oct. 9, 2000. http://www.sarc.com/avcenter/venc/data/w32.sonic.worm.html
30. [Tw02] Tripwire Inc., “Tripwire for Servers,” 2002. http://www.tripwire.com/products/servers/index.cfm?
31. [We02] Nicholas Weaver, “Reflections on Brilliant Digital: Single Points of 0wnership”, 2002. http://www.cs.berkeley.edu/∼nweaver/0wn2.html