190 Chapter 8 ■ Trojans, Viruses, Worms, and Covert Channels
Outside of computing, the term sheep dip refers to farmers’ practice of
dipping sheep in special fungicides and other medicines to keep parasites
and infections from spreading through the herd—much as a piece of
software is analyzed before being introduced into the network in order to
prevent a mass infection of host systems.Worms
When we speak of viruses, the topic of worms is not far behind. They are another major
menace. Unlike viruses, which by definition require some sort of action to occur in order to
trigger their mischief, worms are entirely self replicating. Worms effectively use the power
of networks, malware, and speed to spread very dangerous and effective pieces of malware.
One example is the SQL Slammer worm from the early 2000s. At the time, the Slammer
worm was responsible for widespread slowdowns and severe denials of services on the
Internet. The worm took advantage of the fact that systems that had SQL Server or SQL
Server’s Desktop products were vulnerable to a buffer overflow. Although Microsoft had
released a patch six months prior to the worm’s debut, many organizations had neglected
to install the patch. With this vulnerability still present on so many systems, the conditions
for the attack were ripe. On the morning of January 25, 2003, the worm went active—and
within 10 minutes 75,000 machines were infected, along with many more over the next
few hours.FIGURE 8.1 JPS Virus Maker user interface