|
DataMuseum.dkPresents historical artifacts from the history of: DKUUG/EUUG Conference tapes |
This is an automatic "excavation" of a thematic subset of
See our Wiki for more about DKUUG/EUUG Conference tapes Excavated with: AutoArchaeologist - Free & Open Source Software. |
top - metrics - downloadIndex: T U
Length: 243234 (0x3b622)
Types: TextFile
Notes: Uncompressed file
└─⟦4f9d7c866⟧ Bits:30007245 EUUGD6: Sikkerheds distributionen
└─⟦9743326e4⟧ »./worm/mit-ieee.ps.Z«
└─⟦this⟧
%!
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% Do not edit this prologue file; edit tex.pro instead!
/TeXDict 200 dict def
TeXDict begin
/Resolution 300 def
/Inch{Resolution mul}def
/Mtrx matrix def
/a4const 340 def
/usletterconst 310 def
/a4{}def
/letter{}def
/note{}def
/legal{}def
/@a4
{a4 initmatrix
72 Resolution div dup neg scale
270 -3215 translate
Mtrx currentmatrix pop
}def
/@letter
{letter initmatrix
72 Resolution div dup neg scale
usletterconst -3005 translate
Mtrx currentmatrix pop
}def
/@note
{note initmatrix
72 Resolution div dup neg scale
usletterconst -3005 translate
Mtrx currentmatrix pop
}def
/@landscape
{letter initmatrix
72 Resolution div dup neg scale
Mtrx currentmatrix 0 0.0 put
Mtrx 1 -1.0 put
Mtrx 2 1.0 put
Mtrx 3 0.0 put
Mtrx setmatrix
300 usletterconst translate
Mtrx currentmatrix pop
}def
/@legal
{legal initmatrix
72 Resolution div dup neg scale
295 -3880 translate
Mtrx currentmatrix pop
}def
/@manualfeed
{statusdict /manualfeed true put
}def
/@copies
{/#copies exch def
}def
/@restore /restore load def
/restore
{vmstatus pop
dup @VMused lt{pop @VMused}if
exch pop exch @restore /@VMused exch def
}def
/@pri
{
( ) print
( ) cvs print
}def
/@FontMatrix [1 0 0 -1 0 0] def
/@FontBBox [0 0 1 1] def
/@faceup{statusdict /setoutputtray known
{statusdict begin end}if} def
/@newfont
{/newname exch def
newname 7 dict def
newname load begin
/FontType 3 def
/FontMatrix @FontMatrix def
/FontBBox @FontBBox def
/BitMaps 128 array def
/BuildChar{CharBuilder}def
/Encoding 256 array def
0 1 255 {Encoding exch /.undef put}for
end
newname newname load definefont pop
}def
/ch-image{ch-data 0 get}def
/ch-width{ch-data 1 get}def
/ch-height{ch-data 2 get}def
/ch-xoff{ch-data 3 get}def
/ch-yoff{ch-data 4 get}def
/ch-tfmw{ch-data 5 get}def
/CharBuilder
{save 3 1 roll exch /BitMaps get exch get /ch-data exch def
ch-data null ne
{ch-tfmw 0 ch-xoff neg ch-yoff neg ch-width ch-xoff sub ch-height ch-yoff sub
setcachedevice
ch-width ch-height true [1 0 0 1 ch-xoff ch-yoff]
{ch-image}imagemask
}if
restore
}def
/@sf
{dup
/FontName known
{dup /FontName get tempstring cvs (SmallCaps) search
{/smallcaps true def pop pop pop}
{/smallcaps false def pop}
ifelse
}
{/smallcaps false def}
ifelse
setfont
}def
/@dc
{/ch-code exch def
dup 0 get
length 2 lt
{pop [ <00> 1 1 0 0 8.00 ]}
if
/ch-data exch def
currentfont /BitMaps get ch-code ch-data put
currentfont /Encoding get ch-code
dup ( ) cvs cvn
put
}def
/@pc
{pop
/ch-data exch def
currentpoint translate
ch-width ch-height true [1 0 0 -1 ch-xoff ch-yoff]
{ch-image}imagemask
}def
/@bop0
{pop
}def
/@bop1
{pop
erasepage initgraphics
Mtrx setmatrix
/SaveImage save def
}def
/@eop
{showpage
SaveImage restore
}def
/@start
{@letter
vmstatus pop /@VMused exch def pop
}def
/@end
{(VM used: ) print @VMused @pri
(. Unused: ) print vmstatus @VMused sub @pri pop pop
(\n) print flush
end
}def
/p
{moveto
}def
/r
{0 rmoveto
}def
/s
{smallcaps {SmallCapShow}{show} ifelse
}def
/c
{c-string exch 0 exch put
c-string s
}def
/c-string ( ) def
/ru
{/dy exch neg def
/dx exch def
/x currentpoint /y exch def def
newpath x y moveto
dx 0 rlineto
0 dy rlineto
dx neg 0 rlineto
closepath fill
x y moveto
}def
/@SpecialDefaults
{/hs 8.5 Inch def
/vs 11 Inch def
/ho 0 def
/vo 0 def
/hsc 1 def
/vsc 1 def
/CLIP false def
}def
/@hsize{/hs exch def /CLIP true def}def
/@vsize{/vs exch def /CLIP true def}def
/@hoffset{/ho exch def}def
/@voffset{/vo exch def}def
/@hscale{/hsc exch def}def
/@vscale{/vsc exch def}def
/@setclipper
{hsc vsc scale
CLIP
{newpath 0 0 moveto hs 0 rlineto 0 vs rlineto hs neg 0 rlineto closepath clip}
if
}def
/@beginspecial
{gsave /SpecialSave save def
currentpoint transform initgraphics itransform translate
@SpecialDefaults
/showpage{}def
}def
/@setspecial
{
MacDrwgs
{md begin /pxt ho def /pyt vo neg def end}
{ho vo translate @setclipper}
ifelse
}def
/@endspecial
{SpecialSave restore
grestore
}def
/ReEncodeForTeX
{/newfontname exch def
/basefontname exch def
/TeXstr 30 string def
/basefontdict basefontname findfont def
/newfont basefontdict maxlength dict def
basefontdict
{exch dup /FID ne
{dup /Encoding eq
{exch dup length array copy
newfont 3 1 roll put}
{exch newfont 3 1 roll put}
ifelse
}
{pop pop}
ifelse
}forall
basefontname TeXstr cvs (Dingbat) search
{pop pop pop}
{pop
/TeXvec basefontname TeXstr cvs (Courier) search
{pop pop pop TeXcourvec}
{pop TeXnormalvec}
ifelse def
TeXvec aload pop
TeXvec length 2 idiv
{newfont /Encoding get 3 1 roll put}
repeat
}
ifelse
newfontname newfont definefont pop
}def
/TeXnormalvec
[ 8#014 /fi 8#015 /fl 8#020 /dotlessi 8#022 /grave 8#023 /acute
8#024 /caron 8#025 /breve 8#026 /macron 8#027 /ring 8#030 /cedilla
8#031 /germandbls 8#032 /ae 8#033 /oe 8#034 /oslash 8#035 /AE
8#036 /OE 8#037 /Oslash 8#042 /quotedblright 8#074 /exclamdown
8#076 /questiondown 8#134 /quotedblleft 8#136 /circumflex
8#137 /dotaccent 8#173 /endash 8#174 /emdash 8#175 /quotedbl
8#176 /tilde 8#177 /dieresis ] def
/TeXcourvec
[ 8#016 /exclamdown 8#017 /questiondown 8#020 /dotlessi 8#022 /grave
8#023 /acute 8#024 /caron 8#025 /breve 8#026 /macron 8#027 /ring
8#030 /cedilla 8#031 /germandbls 8#032 /ae 8#033 /oe 8#034 /oslash
8#035 /AE 8#036 /OE 8#037 /Oslash 8#074 /less 8#076 /greater
8#134 /backslash 8#136 /circumflex 8#137 /underscore 8#173 /braceleft
8#174 /bar 8#175 /braceright 8#176 /tilde 8#177 /dieresis ] def
/TeXPSmakefont{
/TeXsize exch def
findfont
[ TeXsize 0 0 TeXsize neg 0 0 ] makefont
}def
/ObliqueFont{
/ObliqueAngle exch def
/ObliqueBaseName exch def
/ObliqueFontName exch def
/ObliqueTransform [1 0 ObliqueAngle sin ObliqueAngle cos div 1 0 0] def
/basefontdict ObliqueBaseName findfont ObliqueTransform makefont def
/newfont basefontdict maxlength dict def
basefontdict
{exch dup /FID ne
{dup /Encoding eq
{exch dup length array copy
newfont 3 1 roll put}
{exch newfont 3 1 roll put}
ifelse
}
{pop pop}
ifelse
}forall
newfont /FontName ObliqueFontName put
ObliqueFontName newfont definefont
pop
}def
/Times-Oblique /Times-Roman 15.5 ObliqueFont
/Times-BoldOblique /Times-Bold 15 ObliqueFont
/Times-ItalicUnslanted /Times-Italic -15.15 ObliqueFont
/SmallCapsFont{
/SmallCapsBaseName exch def
/SmallCapsFontName exch def
/basefontdict SmallCapsBaseName findfont def
/newfont basefontdict maxlength dict def
basefontdict
{exch dup /FID ne
{dup /Encoding eq
{exch dup length array copy
newfont 3 1 roll put}
{exch newfont 3 1 roll put}
ifelse
}
{pop pop}
ifelse
}forall
newfont /FontName SmallCapsFontName put
SmallCapsFontName newfont definefont
pop
}def
/Times-SmallCaps /Times-Roman SmallCapsFont
FontDirectory /Palatino-Roman known
{
/Palatino-Oblique /Palatino-Roman 10 ObliqueFont
/Palatino-BoldOblique /Palatino-Bold 10 ObliqueFont
/Palatino-SmallCaps /Palatino-Roman SmallCapsFont
}if
FontDirectory /NewCenturySchlbk-Roman known
{
/NewCenturySchlbk-Oblique /NewCenturySchlbk-Roman 16 ObliqueFont
/NewCenturySchlbk-ItalicUnslanted /NewCenturySchlbk-Italic -16 ObliqueFont
/NewCenturySchlbk-SmallCaps /NewCenturySchlbk-Roman SmallCapsFont
}if
/SmallCapShow{
/achar (A) def
/xfac 0.8 def
/yfac 0.8 def
/xrec 1 xfac div def
/yrec 1 yfac div def
{dup dup
8#141 ge exch 8#172 le and
{8#40 sub achar exch 0 exch put achar
xfac yfac scale show xrec yrec scale}
{achar exch 0 exch put achar show}
ifelse
}forall
}def
/tempstring 100 string def
/MacDrwgs false def
/@MacSetUp
{userdict /md known
{userdict /md get type /dicttype eq
{/MacDrwgs true def
md begin
/psu
/psu load
{/letter {}def
/note{}def
/legal{}def
statusdict /waittimeout 300 put
/page{pop}def
/pyt vo neg def
/pxt ho def
}
concatprocs
def
/od
/od load
{@setclipper}
concatprocs
def
end}
if}
if
}def
/concatprocs
{/p2 exch cvlit def
/p1 exch cvlit def
/p p1 length p2 length add array def
p 0 p1 putinterval
p p1 length p2 putinterval
p cvx
}def
end
statusdict /waittimeout 300 put
TeXDict begin
@start
%%Title: main.dvi
%%Creator: dvi2ps
%%EndProlog
1 @bop0
/Times-Roman /t-rom.510 ReEncodeForTeX /t-rom.510 /t-rom.510 70.568701 TeXPSmakefont def
/cmsy10.360 @newfont
cmsy10.360 @sf
[<00C00000E00000C00000C00040C080E0C1C0F8C7C07CCF801FFE0007F80001E00007F8001FFE007CCF80F8C7C0E0C1C040C0
8000C00000C00000E00000C000> 18 21 -3 -2 25] 3 @dc
/Times-Roman /t-rom.360 ReEncodeForTeX /t-rom.360 /t-rom.360 49.813200 TeXPSmakefont def
/Times-Bold /t-bol.300 ReEncodeForTeX /t-bol.300 /t-bol.300 41.511000 TeXPSmakefont def
/Times-Roman /t-rom.300 ReEncodeForTeX /t-rom.300 /t-rom.300 41.511000 TeXPSmakefont def
/Times-Bold /t-bol.420 ReEncodeForTeX /t-bol.420 /t-bol.420 58.115401 TeXPSmakefont def
/cmr7.300 @newfont
cmr7.300 @sf
[<7FE07FE00E000E000E000E000E000E000E000E000E000E000E000E000E00EE00FE001E000600> 11 19 -2 0 17] 49 @dc
/Times-Bold /t-bol.360 ReEncodeForTeX /t-bol.360 /t-bol.360 49.813200 TeXPSmakefont def
/cmsy6.300 @newfont
cmsy6.300 @sf
[<0C000E00CCC0FFC0FFC03F00FFC0FFC0CCC00E000C00> 10 11 -3 -1 16] 3 @dc
/Times-Roman /t-rom.240 ReEncodeForTeX /t-rom.240 /t-rom.240 33.208800 TeXPSmakefont def
/cmsy8.300 @newfont
cmsy8.300 @sf
[<001FE00000FFFC0003F03F00078007800E0001C01C0000E038000070300000307000003860000018E000001CC000000CC000
000CC000000CC000000CC000000CC000000CC000000CE000001C600000187000003830000030380000701C0000E00E0001C0
0780078003F03F0000FFFC00001FE000> 30 29 -2 6 35] 13 @dc
/cmr6.300 @newfont
cmr6.300 @sf
[<FF80FF801C001C001C001C001C001C001C001C001C001C009C00FC007C000C00> 9 16 -2 0 15] 49 @dc
1 @bop1
t-rom.510 @sf
519 229 p 87 c
-2 r (ith) s
16 r (Microscope) s
20 r (and) s
19 r 84 c
-4 r (weezers:) s
222 320 p (An) s
17 r (Analysis) s
19 r (of) s
18 r (the) s
18 r (Internet) s
19 r 86 c
-3 r (irus) s
18 r (of) s
18 r (November) s
20 r (1988) s
cmsy10.360 @sf
1728 295 p 3 c
t-rom.360 @sf
620 441 p (Mark) s
13 r 87 c
-4 r 46 c
12 r (Eichin) s
13 r (and) s
12 r (Jon) s
13 r (A.) s
12 r (Rochlis) s
593 557 p (Massachusetts) s
14 r (Institute) s
12 r (of) s
12 r 84 c
-2 r (echnology) s
621 615 p (77) s
12 r (Massachusetts) s
14 r 65 c
-3 r (venue,) s
12 r (E40-31) s
-1 r 49 c
743 673 p (Cambridge,) s
12 r (MA) s
13 r (02139) s
t-bol.300 @sf
373 836 p (Abstract) s
t-rom.300 @sf
4 928 p (In) s
9 r (early) s
10 r (November) s
9 r (1988) s
9 r (the) s
9 r (Internet,) s
10 r 97 c
10 r (collection) s
8 r (of) s
9 r (net-) s
-36 978 p (works) s
12 r (consisting) s
12 r (of) s
14 r (60,000) s
13 r (host) s
13 r (computers) s
14 r (implementing) s
-36 1027 p (the) s
11 r (TCP/IP) s
12 r (protocol) s
11 r (suite,) s
14 r (was) s
13 r (attacked) s
13 r (by) s
12 r 97 c
13 r (virus,) s
13 r 97 c
13 r (pro-) s
-36 1077 p (gram) s
6 r (which) s
7 r (broke) s
7 r (into) s
6 r (computers) s
7 r (on) s
7 r (the) s
7 r (network) s
7 r (and) s
7 r (which) s
-36 1127 p (spread) s
6 r (from) s
7 r (one) s
7 r (machine) s
8 r (to) s
6 r (another) s
-1 r 46 c
11 r (This) s
7 r (paper) s
8 r (is) s
6 r 97 c
8 r (detailed) s
-36 1177 p (analysis) s
10 r (of) s
12 r (the) s
12 r (virus) s
11 r (program.W) s
-2 r 101 c
11 r (describe) s
12 r (the) s
12 r (lessons) s
12 r (that) s
-36 1227 p (thi) s
-1 r 115 c
10 r (incident) s
11 r (has) s
12 r (taught) s
10 r (the) s
12 r (Internet) s
11 r (community) s
11 r (and) s
11 r (topics) s
-36 1277 p (for) s
10 r (future) s
11 r (consideration) s
10 r (and) s
12 r (resolution.) s
16 r 65 c
12 r (detailed) s
11 r (routine) s
-36 1326 p (by) s
12 r (routine) s
13 r (description) s
13 r (of) s
14 r (the) s
14 r (virus) s
14 r (program) s
14 r (including) s
12 r (the) s
-36 1376 p (contents) s
8 r (of) s
10 r (its) s
10 r (built) s
8 r (in) s
10 r (dictionary) s
9 r (is) s
10 r (provided.) s
t-bol.420 @sf
-36 1517 p 49 c
57 r (Intr) s
(oduction) s
t-rom.300 @sf
-36 1610 p (The) s
9 r (Internet[) s
49 c
-1 r (][) s
50 c
-1 r (],) s
11 r 97 c
10 r (collection) s
9 r (of) s
10 r (interconnected) s
9 r (networks) s
-36 1660 p (lin) s
-1 r (kin) s
-1 r 103 c
6 r (approximately) s
7 r (60,000) s
7 r (computers,) s
9 r (was) s
9 r (attacked) s
8 r (by) s
8 r 97 c
-36 1710 p (viru) s
-1 r 115 c
9 r (program) s
10 r (on) s
10 r 50 c
11 r (November) s
11 r (1988.) s
13 r (The) s
11 r (Internet) s
10 r (commu-) s
-36 1759 p (nit) s
-1 r 121 c
13 r (is) s
14 r (comprised) s
14 r (of) s
14 r (academic,) s
18 r (corporate,) s
16 r (and) s
14 r (goverment) s
-36 1809 p (research) s
12 r (users,) s
14 r (all) s
13 r (seeking) s
12 r (to) s
12 r (exchange) s
14 r (information) s
10 r (to) s
12 r (en-) s
-36 1859 p (hance) s
10 r (their) s
9 r (research) s
12 r (ef) s
(forts.) s
4 1909 p (The) s
22 r (virus) s
20 r (broke) s
21 r (into) s
20 r (Berkeley) s
22 r (Standard) s
21 r (Distribut) s
-1 r (ion) s
-36 1959 p (\(BSD\)) s
10 r (UNIX) s
cmr7.300 @sf
187 1945 p 49 c
t-rom.300 @sf
218 1959 p (and) s
12 r (derivative) s
12 r (systems.) s
21 r (Once) s
13 r (resident) s
11 r (in) s
12 r 97 c
-36 2009 p (computer) s
-1 r 44 c
9 r (it) s
10 r (attempted) s
11 r (to) s
10 r (break) s
12 r (into) s
9 r (other) s
10 r (machines) s
12 r (on) s
11 r (the) s
-36 2058 p (network.) s
24 r (This) s
14 r (paper) s
15 r (is) s
14 r (an) s
15 r (analysis) s
14 r (of) s
14 r (that) s
13 r (virus) s
14 r (program) s
-36 2108 p (and) s
8 r (of) s
10 r (the) s
10 r (reaction) s
9 r (of) s
10 r (the) s
10 r (Internet) s
9 r (community) s
9 r (to) s
9 r (the) s
10 r (attack.) s
t-bol.360 @sf
-36 2228 p (1.1) s
49 r (Organization) s
t-rom.300 @sf
-36 2306 p (In) s
11 r (Section) s
12 r 49 c
13 r (we) s
13 r (discuss) s
13 r (the) s
12 r (categorization) s
12 r (of) s
12 r (the) s
13 r (program) s
-36 2356 p (which) s
12 r (attacked) s
14 r (the) s
13 r (Internet,) s
15 r (the) s
13 r (goals) s
14 r (of) s
13 r (the) s
14 r (teams) s
14 r (work-) s
-36 2405 p (ing) s
9 r (on) s
12 r (isolating) s
10 r (the) s
11 r (virus) s
11 r (and) s
12 r (the) s
12 r (methods) s
11 r (they) s
11 r (employed,) s
-36 2442 p 390 2 ru
cmsy6.300 @sf
4 2469 p 3 c
t-rom.240 @sf
22 2480 p (Copyright) s
16 r 99 c
cmsy8.300 @sf
-26 r 13 c
t-rom.240 @sf
7 r (1988) s
5 r (Massachuse) s
-1 r (tts) s
5 r (Institute) s
6 r (of) s
6 r 84 c
-1 r (echnolog) s
-1 r 121 c
-2 r 46 c
8 r (This) s
7 r (paper) s
-36 2520 p (will) s
9 r (be) s
10 r (presented) s
8 r (at) s
10 r (the) s
10 r (1989) s
9 r (IEEE) s
11 r (Symposium) s
9 r (on) s
9 r (Research) s
9 r (in) s
10 r (Security) s
-36 2559 p (and) s
6 r (Privacy) s
-1 r 46 c
cmr6.300 @sf
5 2588 p 49 c
t-rom.240 @sf
22 2599 p (UNIX) s
7 r (is) s
7 r 97 c
6 r (trademark) s
6 r (of) s
6 r 65 c
-3 r (T&T) s
-1 r 46 c
6 r (DEC,) s
7 r 86 c
-3 r (AX,) s
6 r (and) s
6 r (Ultrix) s
7 r (are) s
6 r (trademarks) s
-36 2638 p (of) s
7 r (Digitial) s
7 r (Equipment) s
6 r (Corporation.) s
10 r (Sun,) s
8 r (SunOS,) s
8 r (and) s
6 r (NFS) s
9 r (are) s
7 r (trademarks) s
-36 2678 p (of) s
8 r (Sun) s
9 r (Microsystems,) s
8 r (Inc.) s
15 r (IBM) s
9 r (is) s
10 r 97 c
9 r (trademark) s
8 r (of) s
9 r (International) s
8 r (Business) s
-36 2717 p (Mach) s
-1 r (ines,) s
6 r (Inc.) s
t-rom.300 @sf
1012 836 p (and) s
12 r (summarize) s
13 r (what) s
11 r (the) s
11 r (virus) s
11 r (did) s
11 r (and) s
11 r (did) s
11 r (not) s
11 r (actually) s
11 r (do.) s
1012 886 p (In) s
11 r (Section) s
11 r 50 c
11 r (we) s
11 r (discuss) s
11 r (in) s
10 r (more) s
12 r (detail) s
10 r (the) s
11 r (strategies) s
11 r (it) s
10 r (em-) s
1012 935 p (ployed,) s
16 r (the) s
14 r (speci) s
174 c
99 c
15 r (attacks) s
15 r (it) s
14 r (used,) s
16 r (and) s
15 r (the) s
14 r (ef) s
(fective) s
15 r (and) s
1012 985 p (inef) s
(fective) s
10 r (defenses) s
11 r (proposed) s
9 r (by) s
10 r (the) s
10 r (community) s
-2 r 46 c
13 r (Once) s
11 r (the) s
1012 1035 p (crisis) s
9 r (had) s
8 r (passed,) s
10 r (the) s
8 r (Internet) s
8 r (community) s
7 r (had) s
9 r (time) s
8 r (not) s
8 r (only) s
1012 1085 p (to) s
11 r (explore) s
10 r (the) s
11 r (vulnerabilit) s
-1 r (ies) s
9 r (which) s
11 r (had) s
10 r (allowed) s
11 r (the) s
10 r (attack) s
1012 1135 p (to) s
14 r (succeed,) s
17 r (but) s
14 r (also) s
14 r (to) s
13 r (consider) s
14 r (how) s
14 r (future) s
14 r (attacks) s
14 r (could) s
1012 1184 p (be) s
13 r (prevented.) s
19 r (Section) s
12 r 51 c
11 r (presents) s
13 r (our) s
11 r (views) s
12 r (on) s
12 r (the) s
12 r (lessons) s
1012 1234 p (learned) s
13 r (and) s
11 r (problems) s
12 r (to) s
11 r (be) s
12 r (faced) s
13 r (in) s
11 r (the) s
12 r (future.) s
17 r (In) s
12 r (Section) s
1012 1284 p 52 c
13 r (we) s
13 r (acknowledge) s
13 r (the) s
12 r (people) s
12 r (on) s
12 r (our) s
12 r (team) s
14 r (and) s
12 r (the) s
13 r (people) s
1012 1334 p (at) s
14 r (other) s
13 r (sites) s
13 r (who) s
13 r (aided) s
13 r (us) s
14 r (in) s
12 r (the) s
13 r (ef) s
(fort) s
12 r (to) s
13 r (understand) s
13 r (the) s
1012 1384 p (virus.) s
1054 1438 p 87 c
-2 r 101 c
9 r (present) s
10 r 97 c
10 r (subroutine) s
8 r (by) s
10 r (subroutine) s
8 r (description) s
8 r (of) s
10 r (the) s
1012 1488 p (virus) s
14 r (program) s
15 r (itself) s
14 r (in) s
14 r (Appendix) s
14 r (A,) s
16 r (including) s
13 r 97 c
15 r (diagram) s
1012 1538 p (of) s
15 r (the) s
15 r (information) s
13 r 175 c
(ow) s
14 r (through) s
13 r (the) s
15 r (routines) s
14 r (which) s
14 r (com-) s
1012 1587 p (prise) s
11 r (the) s
10 r 96 c
-2 r (`cracking) s
9 r (engine') s
-2 r ('.) s
12 r (Appendix) s
9 r 66 c
10 r (contains) s
10 r 97 c
11 r (list) s
9 r (of) s
1012 1637 p (the) s
11 r (words) s
11 r (included) s
10 r (in) s
10 r (the) s
11 r (built-) s
-1 r (in) s
9 r (dictionary) s
9 r (carried) s
11 r (by) s
11 r (the) s
1012 1687 p (virus.) s
t-bol.360 @sf
1012 1830 p (1.2) s
51 r 65 c
19 r (Rose) s
19 r (by) s
19 r (Any) s
18 r (Other) s
19 r (Name) s
t-rom.300 @sf
1012 1916 p (The) s
10 r (question) s
7 r (of) s
8 r (how) s
8 r (to) s
8 r (classify) s
9 r (the) s
8 r (program) s
9 r (which) s
8 r (infected) s
1012 1965 p (the) s
11 r (Internet) s
10 r (has) s
12 r (received) s
11 r 97 c
12 r (fair) s
10 r (amount) s
11 r (of) s
11 r (attention.) s
14 r 87 c
-2 r (as) s
10 r (it) s
1012 2015 p 97 c
11 r 96 c
-2 r (`virus') s
-3 r 39 c
8 r (or) s
10 r 96 c
-2 r (`worm') s
-3 r (';) s
8 r (or) s
10 r (was) s
11 r (it) s
9 r (something) s
9 r (else?) s
1054 2069 p (There) s
14 r (is) s
12 r (confusion) s
11 r (about) s
12 r (the) s
13 r (term) s
13 r 96 c
-2 r (`vir) s
-1 r (us.') s
-3 r 39 c
19 r 84 c
-2 r 111 c
12 r 97 c
13 r (biolo-) s
1012 2119 p (gist) s
7 r 97 c
9 r (virus) s
7 r (is) s
8 r (an) s
8 r (agent) s
8 r (of) s
8 r (infection) s
6 r (which) s
8 r (can) s
8 r (only) s
7 r (grow) s
8 r (and) s
1012 2169 p (reproduce) s
11 r (within) s
9 r 97 c
11 r (host) s
10 r (cell.) s
15 r 65 c
10 r (lytic) s
10 r (virus) s
9 r (enters) s
11 r 97 c
11 r (cell) s
11 r (and) s
1012 2219 p (uses) s
13 r (the) s
12 r (cell') s
-1 r 115 c
11 r (own) s
12 r (metabolic) s
11 r (machinery) s
13 r (to) s
11 r (replicate.) s
20 r (The) s
1012 2269 p (newly) s
8 r (created) s
9 r (viruses) s
8 r (\(more) s
9 r (appropriately) s
6 r (called) s
9 r 96 c
-2 r (`vir) s
-1 r (ons') s
-3 r ('\)) s
1012 2319 p (break) s
13 r (out) s
12 r (of) s
12 r (the) s
12 r (infected) s
12 r (cell,) s
14 r (destroying) s
11 r (it,) s
12 r (and) s
13 r (then) s
12 r (seek) s
1012 2368 p (out) s
13 r (new) s
14 r (cells) s
14 r (to) s
13 r (infect.) s
24 r 65 c
14 r (lysogenetic) s
13 r (virus,) s
14 r (on) s
14 r (the) s
13 r (other) s
1012 2418 p (hand,) s
18 r (alters) s
16 r (the) s
15 r (genetic) s
16 r (material) s
16 r (of) s
15 r (its) s
15 r (host) s
16 r (cells.) s
30 r (When) s
1012 2468 p (the) s
15 r (host) s
14 r (cell) s
15 r (reproduces) s
15 r (it) s
14 r (unwitting) s
-1 r (ly) s
13 r (reproduces) s
15 r (the) s
14 r (vi-) s
1012 2518 p (ral) s
13 r (genes.) s
21 r (At) s
12 r (some) s
14 r (point) s
11 r (in) s
12 r (the) s
12 r (future,) s
13 r (the) s
12 r (viral) s
12 r (genes) s
13 r (are) s
1012 2568 p (activated) s
11 r (and) s
11 r (many) s
11 r (virons) s
10 r (are) s
11 r (produced) s
11 r (by) s
10 r (the) s
11 r (cell.) s
15 r (These) s
1012 2617 p (proceed) s
13 r (to) s
11 r (break) s
11 r (out) s
11 r (of) s
11 r (the) s
12 r (cell) s
12 r (and) s
11 r (seek) s
13 r (out) s
10 r (other) s
11 r (cells) s
12 r (to) s
1012 2667 p (infect[) s
51 c
(].) s
19 r (Some) s
13 r (single) s
12 r (strand) s
12 r (DNA) s
12 r (viruses) s
12 r (do) s
12 r (not) s
11 r (kill) s
11 r (the) s
1012 2717 p (host) s
12 r (cell;) s
12 r (they) s
12 r (use) s
12 r (the) s
12 r (machinery) s
12 r (of) s
12 r (the) s
11 r (host) s
12 r (cell) s
12 r (to) s
11 r (repro-) s
@eop
2 @bop0
/Times-Italic /t-ita.300 ReEncodeForTeX /t-ita.300 /t-ita.300 41.511000 TeXPSmakefont def
/cmsy10.300 @newfont
cmsy10.300 @sf
[<07E01FF83FFC7FFE7FFEFFFFFFFFFFFFFFFFFFFFFFFF7FFE7FFE3FFC1FF807E0> 16 16 -2 -2 21] 15 @dc
2 @bop1
t-rom.300 @sf
-36 96 p (duce) s
11 r (\(perhaps) s
11 r (slowing) s
11 r (normal) s
11 r (celluar) s
12 r (growth) s
10 r (by) s
12 r (diverting) s
-36 146 p (resources\)) s
7 r (and) s
8 r (exit) s
7 r (the) s
8 r (cells) s
8 r (in) s
7 r 97 c
8 r (non-destructive) s
6 r (manner[) s
52 c
(].) s
4 201 p 65 c
11 r 96 c
-2 r (`worm') s
-3 r 39 c
8 r (is) s
11 r (an) s
10 r (or) s
(ganism) s
10 r (with) s
9 r (an) s
11 r (elongated) s
10 r (segmented) s
-36 251 p (body) s
-3 r 46 c
34 r (Because) s
19 r (of) s
17 r (the) s
17 r (shape) s
18 r (of) s
18 r (their) s
16 r (bodies) s
17 r (worms) s
18 r (can) s
-36 300 p (snake) s
8 r (around) s
8 r (obstacles) s
8 r (and) s
9 r (work) s
8 r (their) s
7 r (way) s
9 r (into) s
7 r (unexpected) s
-36 350 p (places.) s
15 r (Some) s
11 r (worms,) s
11 r (for) s
11 r (example) s
11 r (the) s
10 r (tapeworm,) s
12 r (are) s
11 r (para-) s
-36 400 p (sites.) s
15 r (They) s
12 r (live) s
10 r (inside) s
10 r (of) s
11 r 97 c
12 r (host) s
10 r (or) s
(ganism,) s
11 r (feeding) s
11 r (directly) s
-36 450 p (from) s
14 r (nutrients) s
15 r (intended) s
15 r (for) s
15 r (host) s
16 r (cells.) s
31 r (These) s
17 r (worms) s
16 r (re-) s
-36 500 p (produ) s
-1 r (ce) s
10 r (by) s
10 r (shedding) s
9 r (one) s
11 r (of) s
10 r (their) s
10 r (segments) s
11 r (which) s
10 r (contains) s
-36 550 p (many) s
15 r (eggs.) s
30 r (They) s
16 r (have) s
17 r (dif) s
174 c
(cult) s
-1 r 121 c
14 r (in) s
15 r (reaching) s
16 r (new) s
16 r (hosts,) s
-36 599 p (since) s
10 r (they) s
10 r (usually) s
9 r (leave) s
12 r (an) s
11 r (infected) s
10 r (host) s
10 r (through) s
9 r (its) s
10 r (excre-) s
-36 649 p (tory) s
7 r (system) s
9 r (and) s
9 r (may) s
10 r (not) s
8 r (readily) s
9 r (come) s
10 r (into) s
7 r (contact) s
9 r (with) s
8 r (an-) s
-36 699 p (other) s
8 r (host[) s
53 c
-1 r (].) s
4 754 p (In) s
12 r (deciding) s
12 r (which) s
12 r (term) s
13 r 174 c
(ts) s
12 r (the) s
12 r (program) s
13 r (which) s
12 r (infected) s
-36 804 p (the) s
13 r (Internet,) s
16 r (we) s
16 r (must) s
15 r (decide) s
15 r (which) s
15 r (part) s
15 r (of) s
14 r (the) s
15 r (system) s
16 r (is) s
-36 854 p (analogous) s
8 r (to) s
9 r (the) s
10 r 96 c
-2 r (`host') s
-3 r ('.) s
12 r (Possibilit) s
-1 r (ies) s
9 r (include) s
9 r (the) s
10 r (network,) s
-36 903 p (host) s
13 r (computers,) s
17 r (programs,) s
17 r (and) s
15 r (processes.) s
31 r 87 c
-2 r 101 c
14 r (must) s
16 r (also) s
-36 953 p (consider) s
9 r (the) s
10 r (actions) s
10 r (of) s
10 r (the) s
10 r (program) s
10 r (and) s
10 r (its) s
10 r (structure.) s
4 1008 p 86 c
-1 r (iewing) s
10 r (the) s
12 r (network) s
11 r (layer) s
12 r (as) s
13 r (the) s
12 r 96 c
-2 r (`host) s
-1 r 39 c
-3 r 39 c
10 r (is) s
12 r (not) s
11 r (fruitful;) s
-36 1058 p (the) s
7 r (network) s
8 r (was) s
10 r (not) s
8 r (attacked,) s
10 r (speci) s
174 c
99 c
10 r (hosts) s
8 r (on) s
9 r (the) s
8 r (network) s
-36 1108 p (were.) s
15 r (The) s
11 r (infection) s
9 r (never) s
11 r (spread) s
12 r (beyond) s
10 r (the) s
10 r (Internet) s
10 r (even) s
-36 1158 p (thou) s
-1 r (gh) s
15 r (there) s
18 r (were) s
18 r (gateways) s
18 r (to) s
16 r (other) s
17 r (types) s
17 r (of) s
17 r (networks.) s
-36 1207 p (One) s
9 r (could) s
9 r (view) s
10 r (the) s
9 r (infection) s
9 r (as) s
10 r 97 c
11 r (worm,) s
10 r (which) s
10 r 96 c
-2 r (`wig) s
-1 r (gled') s
-3 r 39 c
-36 1257 p (thro) s
-1 r (ugho) s
-1 r (ut) s
8 r (the) s
11 r (network.) s
14 r (But) s
10 r (as) s
12 r (Beckman) s
11 r (points) s
10 r (out[) s
54 c
-2 r 93 c
11 r (the) s
-36 1307 p (progr) s
-1 r (am) s
12 r (didn') s
116 c
11 r (have) s
14 r (connected) s
13 r 96 c
-2 r (`segments') s
-2 r 39 c
11 r (in) s
13 r (any) s
13 r (sense.) s
-36 1357 p (Thus) s
9 r (it) s
9 r (can') s
116 c
10 r (be) s
11 r 97 c
10 r (worm.) s
4 1412 p 65 c
13 r (model) s
13 r (showing) s
12 r (the) s
13 r (computers) s
13 r (as) s
14 r (the) s
13 r 96 c
-2 r (`host') s
-4 r 39 c
11 r (is) s
13 r (more) s
-36 1461 p (promisi) s
-1 r (ng.) s
12 r (The) s
11 r (infection) s
8 r (of) s
10 r 50 c
10 r (November) s
11 r (entered) s
10 r (the) s
10 r (hosts,) s
-36 1511 p (reproduced,) s
17 r (and) s
17 r (exited) s
16 r (in) s
16 r (search) s
17 r (of) s
17 r (new) s
17 r (hosts) s
16 r (to) s
16 r (infect.) s
-36 1561 p (Some) s
13 r (people) s
14 r (might) s
14 r (ar) s
(gue) s
13 r (that) s
14 r (since) s
15 r (the) s
14 r (host) s
13 r (was) s
15 r (not) s
13 r (de-) s
-36 1611 p (stroyed) s
6 r (in) s
7 r (this) s
8 r (process,) s
9 r (that) s
8 r (the) s
8 r (infecting) s
7 r (program) s
7 r (was) s
9 r (more) s
-36 1661 p (lik) s
-1 r 101 c
10 r 97 c
11 r (worm) s
11 r (than) s
10 r 97 c
11 r (virus.) s
15 r (But,) s
11 r (as) s
11 r (mentioned) s
10 r (earlier) s
-1 r 44 c
11 r (not) s
10 r (all) s
-36 1711 p (viru) s
-1 r (ses) s
9 r (destroy) s
9 r (their) s
8 r (host) s
9 r (cells.) s
14 r (Denning) s
9 r 91 c
55 c
-1 r 93 c
10 r (de) s
174 c
(nes) s
10 r 97 c
10 r (com-) s
-36 1760 p (puter) s
12 r (worm) s
13 r (as) s
15 r 97 c
14 r (program) s
13 r (which) s
14 r (enters) s
13 r 97 c
15 r (workstation) s
12 r (and) s
-36 1810 p (disables) s
7 r (it.) s
13 r (In) s
8 r (that) s
8 r (sense) s
10 r (the) s
9 r (infection) s
7 r (could) s
8 r (be) s
9 r (considered) s
9 r 97 c
-36 1860 p (worm,) s
8 r (but) s
7 r (we) s
9 r (reject) s
9 r (this) s
7 r (de) s
174 c
(nition.) s
12 r (The) s
9 r (infected) s
9 r (computers) s
-36 1910 p (were) s
9 r (af) s
(fected) s
10 r (but) s
9 r (not) s
9 r (all) s
9 r (were) s
10 r 96 c
-2 r (`disabled') s
-3 r ('.) s
12 r (There) s
11 r (is) s
9 r (also) s
10 r (no) s
-36 1960 p (analog) s
9 r (to) s
9 r (the) s
10 r (segments) s
11 r (of) s
10 r 97 c
11 r (biological) s
8 r (worm.) s
4 2015 p (Denning) s
18 r (has) s
20 r (described) s
19 r (how) s
18 r (many) s
20 r (personal) s
19 r (computer) s
-36 2064 p (progr) s
-1 r (ams) s
12 r (have) s
13 r (been) s
13 r (infected) s
12 r (by) s
12 r (viral) s
12 r (programs[) s
55 c
-1 r (].) s
20 r (These) s
-36 2114 p (are) s
18 r (frequently) s
18 r (analogous) s
19 r (to) s
18 r (lysogenetic) s
18 r (viruses) s
19 r (because) s
-36 2164 p (they) s
9 r (modify) s
10 r (the) s
11 r (actual) s
11 r (program) s
11 r (code) s
11 r (as) s
12 r (stored) s
10 r (in) s
10 r (the) s
11 r (com-) s
-36 2214 p (puter) s
1 r 39 c
-2 r 115 c
14 r (secondary) s
16 r (storage.) s
30 r (As) s
16 r (the) s
15 r (infected) s
15 r (programs) s
16 r (are) s
-36 2264 p (copied) s
15 r (from) s
16 r (computer) s
16 r (to) s
16 r (computer) s
16 r (through) s
14 r (normal) s
16 r (soft-) s
-36 2313 p (ware) s
14 r (distribu) s
-1 r (tio) s
-1 r (n,) s
14 r (the) s
14 r (viral) s
14 r (code) s
14 r (is) s
15 r (also) s
14 r (copied.) s
26 r (At) s
14 r (some) s
-36 2363 p (poin) s
-1 r 116 c
9 r (the) s
11 r (viral) s
10 r (code) s
12 r (may) s
12 r (activate) s
11 r (and) s
11 r (perform) s
11 r (some) s
12 r (action) s
-36 2413 p (such) s
13 r (as) s
15 r (deleting) s
13 r 174 c
(les) s
15 r (or) s
14 r (displaying) s
13 r 97 c
14 r (message.) s
29 r (Applying) s
-36 2463 p (thi) s
-1 r 115 c
6 r (de) s
174 c
(nition) s
6 r (of) s
7 r 97 c
8 r (virus) s
6 r (while) s
7 r (viewing) s
7 r (programs) s
7 r (as) s
8 r 96 c
-2 r (`hosts') s
-3 r 39 c
-36 2513 p (does) s
8 r (not) s
8 r (work) s
8 r (for) s
9 r (the) s
8 r (Internet) s
8 r (infection,) s
9 r (since) s
9 r (the) s
9 r (virus) s
8 r (nei-) s
-36 2562 p (ther) s
8 r (attacked) s
11 r (nor) s
10 r (modi) s
174 c
(ed) s
10 r (programs) s
10 r (in) s
10 r (any) s
10 r (way) s
-2 r 46 c
4 2617 p (If,) s
12 r (however) s
-1 r 44 c
11 r (processes) s
12 r (are) s
13 r (view) s
11 r (as) s
12 r 96 c
-2 r (`host) s
-1 r (s') s
-3 r (',) s
10 r (then) s
11 r (the) s
11 r (In-) s
-36 2667 p (ternet) s
9 r (infection) s
10 r (can) s
12 r (clearly) s
12 r (be) s
11 r (considered) s
11 r 97 c
12 r (viral) s
11 r (infection.) s
-36 2717 p (The) s
9 r (virus) s
8 r (entered) s
10 r (hosts) s
9 r (through) s
8 r 97 c
10 r (daemon) s
10 r (process,) s
10 r (tricking) s
1012 96 p (that) s
9 r (process) s
10 r (into) s
8 r (creating) s
9 r 97 c
9 r (viral) s
9 r (process,) s
10 r (which) s
9 r (would) s
8 r (then) s
1012 146 p (attempt) s
14 r (to) s
13 r (reproduce.) s
24 r (In) s
13 r (only) s
13 r (one) s
14 r (case,) s
16 r (the) s
13 r 174 c
(nger) s
14 r (attack,) s
1012 196 p (was) s
11 r (the) s
11 r (daemon) s
11 r (process) s
11 r (actually) s
9 r (changed;) s
11 r (but) s
9 r (as) s
11 r (we) s
11 r (noted) s
1012 246 p (above) s
11 r (only) s
9 r (lysogenetic) s
10 r (viruses) s
10 r (actually) s
10 r (change) s
11 r (their) s
10 r (host') s
-2 r 115 c
1012 295 p (genetic) s
11 r (material.) s
1054 348 p (Denning) s
12 r (de) s
174 c
(nes) s
13 r 97 c
14 r (bacterium) s
13 r (as) s
13 r 97 c
14 r (program) s
12 r (which) s
13 r (repli-) s
1012 397 p (cates) s
9 r (itself) s
7 r (and) s
7 r (feeds) s
9 r (of) s
102 c
6 r (the) s
8 r (host') s
-2 r 115 c
6 r (computational) s
6 r (resources.) s
1012 447 p (While) s
14 r (this) s
14 r (seems) s
15 r (to) s
14 r (describe) s
15 r (the) s
14 r (program) s
14 r (which) s
14 r (infected) s
1012 497 p (the) s
11 r (Internet,) s
10 r (it) s
10 r (is) s
11 r (an) s
11 r (awkward) s
11 r (and) s
11 r (vague) s
11 r (description) s
9 r (which) s
1012 547 p (doesn') s
116 c
9 r (seem) s
12 r (to) s
10 r (convey) s
10 r (the) s
10 r (nature) s
10 r (of) s
10 r (the) s
10 r (infection) s
9 r (at) s
10 r (all.) s
1054 599 p (Thus) s
10 r (we) s
10 r (have) s
11 r (chosen) s
10 r (to) s
9 r (call) s
10 r (the) s
10 r (program) s
9 r (which) s
10 r (infected) s
1012 649 p (the) s
11 r (Internet) s
9 r 97 c
11 r (virus.) s
13 r 87 c
-2 r 101 c
10 r (feel) s
10 r (it) s
10 r (is) s
10 r (accurate) s
12 r (and) s
10 r (descriptive.) s
t-bol.360 @sf
1012 780 p (1.3) s
51 r (Goals) s
18 r (and) s
19 r 84 c
-4 r (argets) s
t-rom.300 @sf
1012 862 p (The) s
15 r (program) s
14 r (that) s
14 r (attacked) s
15 r (many) s
14 r (Internet) s
14 r (hosts) s
14 r (was) s
14 r (itself) s
1012 912 p (attacked) s
10 r (by) s
9 r (teams) s
10 r (of) s
8 r (programmers) s
10 r (around) s
8 r (the) s
9 r (country) s
-2 r 46 c
12 r (The) s
1012 962 p (goal) s
9 r (of) s
8 r (these) s
9 r (teams) s
9 r (was) s
9 r (to) s
8 r 174 c
(nd) s
8 r (out) s
t-ita.300 @sf
8 r (all) s
t-rom.300 @sf
8 r (the) s
8 r (inner) s
8 r (workings) s
7 r (of) s
1012 1012 p (the) s
10 r (virus.) s
13 r (This) s
10 r (included) s
9 r (not) s
9 r (just) s
9 r (understanding) s
8 r (how) s
9 r (to) s
9 r (stop) s
1012 1062 p (further) s
9 r (attacks,) s
11 r (but) s
9 r (also) s
10 r (understanding) s
8 r (whether) s
10 r (any) s
10 r (perma-) s
1012 1111 p (nent) s
10 r (damage) s
11 r (had) s
11 r (been) s
10 r (done,) s
10 r (including) s
8 r (destruction) s
9 r (or) s
10 r (alter-) s
1012 1161 p (ation) s
11 r (of) s
11 r (data) s
11 r (during) s
10 r (the) s
11 r (actual) s
12 r (infection,) s
11 r (or) s
11 r (possible) s
10 r 96 c
-2 r (`time) s
1012 1211 p (bombs') s
-2 r 39 c
9 r (left) s
10 r (for) s
10 r (later) s
10 r (execution.) s
1054 1263 p (There) s
16 r (were) s
16 r (several) s
16 r (steps) s
15 r (in) s
15 r (achieving) s
15 r (these) s
15 r (goals:) s
23 r (in-) s
1012 1313 p (cluding) s
cmsy10.300 @sf
1054 1365 p 15 c
t-rom.300 @sf
20 r (isolating) s
7 r 97 c
8 r (specimen) s
9 r (of) s
7 r (the) s
8 r (virus) s
7 r (in) s
8 r 97 c
8 r (form) s
8 r (which) s
7 r (could) s
1095 1415 p (be) s
11 r (analyzed.) s
cmsy10.300 @sf
1054 1465 p 15 c
t-rom.300 @sf
20 r 96 c
-2 r (`decompiling') s
-4 r 39 c
15 r (the) s
16 r (virus,) s
17 r (into) s
16 r 97 c
16 r (form) s
17 r (that) s
16 r (could) s
15 r (be) s
1095 1515 p (shown) s
15 r (to) s
15 r (reduce) s
15 r (to) s
15 r (the) s
15 r (executable) s
16 r (of) s
14 r (the) s
15 r (real) s
16 r (thing,) s
1095 1564 p (so) s
11 r (that) s
9 r (the) s
11 r (higher) s
9 r (level) s
10 r (version) s
10 r (could) s
9 r (be) s
11 r (interpreted.) s
cmsy10.300 @sf
1054 1614 p 15 c
t-rom.300 @sf
20 r (analyzing) s
12 r (the) s
11 r (strategies) s
12 r (used) s
12 r (by) s
11 r (the) s
12 r (virus,) s
11 r (and) s
12 r (the) s
12 r (el-) s
1095 1664 p (ements) s
13 r (of) s
12 r (its) s
12 r (design,) s
12 r (in) s
12 r (order) s
12 r (to) s
12 r 174 c
(nd) s
12 r (weaknesses) s
14 r (and) s
1095 1714 p (methods) s
11 r (of) s
10 r (defeating) s
9 r (it.) s
1054 1766 p (The) s
16 r 174 c
(rst) s
15 r (two) s
14 r (steps) s
16 r (were) s
16 r (completed) s
15 r (by) s
15 r (the) s
15 r (morning) s
14 r (of) s
1012 1816 p 52 c
15 r (November) s
15 r (1988.) s
26 r (Enough) s
14 r (of) s
14 r (the) s
14 r (third) s
13 r (was) s
15 r (complete) s
15 r (to) s
1012 1866 p (determine) s
15 r (that) s
14 r (the) s
14 r (virus) s
14 r (was) s
15 r (harmless,) s
17 r (but) s
13 r (there) s
15 r (were) s
15 r (no) s
1012 1915 p (clues) s
14 r (to) s
12 r (the) s
12 r (higher) s
12 r (level) s
13 r (issues,) s
14 r (such) s
12 r (as) s
14 r (the) s
12 r (reason) s
14 r (for) s
12 r (the) s
1012 1965 p (virus') s
10 r (rapid) s
9 r (spread.) s
1054 2017 p (Once) s
12 r (the) s
11 r (decompiled) s
12 r (code) s
12 r (existed,) s
12 r (and) s
11 r (the) s
11 r (threat) s
12 r (of) s
11 r (the) s
1012 2067 p (virus) s
13 r (known) s
13 r (to) s
13 r (be) s
13 r (minimal,) s
15 r (it) s
12 r (was) s
15 r (clear) s
14 r (to) s
13 r (the) s
13 r (MIT) s
14 r (team) s
1012 2117 p (and) s
16 r (those) s
15 r (at) s
16 r (Berkeley) s
16 r (that) s
15 r (the) s
15 r (code) s
16 r (should) s
15 r (be) s
16 r (protected.) s
1012 2167 p 87 c
-2 r 101 c
13 r (understood) s
13 r (that) s
12 r (the) s
14 r (knowledge) s
13 r (required) s
12 r (to) s
13 r (write) s
13 r (such) s
1012 2217 p 97 c
12 r (program) s
10 r (could) s
10 r (not) s
9 r (be) s
11 r (kept) s
10 r (secret,) s
12 r (but) s
10 r (felt) s
10 r (that) s
10 r (if) s
10 r (the) s
10 r (code) s
1012 2266 p (were) s
14 r (publicly) s
10 r (available,) s
14 r (someone) s
13 r (could) s
12 r (too) s
11 r (easily) s
13 r (modify) s
1012 2316 p (it) s
13 r (and) s
12 r (release) s
15 r 97 c
13 r (damaging) s
13 r (mutated) s
12 r (strain.) s
22 r (If) s
12 r (this) s
12 r (occurred) s
1012 2366 p (before) s
9 r (many) s
8 r (hosts) s
8 r (had) s
8 r (removed) s
8 r (the) s
8 r (bugs) s
8 r (which) s
7 r (allowed) s
8 r (the) s
1012 2416 p (penetration) s
9 r (in) s
9 r (the) s
9 r 174 c
(rst) s
10 r (place,) s
10 r (much) s
10 r (damage) s
11 r (would) s
9 r (be) s
9 r (done.) s
1054 2468 p (There) s
11 r (was) s
11 r (also) s
10 r 97 c
10 r (clear) s
11 r (need) s
10 r (to) s
10 r (explain) s
9 r (to) s
9 r (the) s
10 r (community) s
1012 2518 p (what) s
9 r (the) s
9 r (virus) s
8 r (was) s
9 r (and) s
9 r (how) s
9 r (it) s
8 r (worked.) s
13 r (This) s
9 r (information,) s
7 r (in) s
1012 2568 p (the) s
10 r (form) s
9 r (of) s
9 r (this) s
8 r (report,) s
9 r (can) s
10 r (actually) s
9 r (be) s
t-ita.300 @sf
10 r (mor) s
-1 r 101 c
t-rom.300 @sf
9 r (useful) s
9 r (to) s
9 r (inter-) s
1012 2617 p (ested) s
9 r (people) s
8 r (than) s
7 r (the) s
8 r (source) s
9 r (code) s
8 r (could) s
7 r (be,) s
9 r (since) s
9 r (it) s
7 r (includes) s
1012 2667 p (discussion) s
8 r (of) s
8 r (the) s
8 r (side) s
8 r (ef) s
(fects) s
8 r (and) s
8 r (results) s
8 r (of) s
8 r (the) s
8 r (code,) s
9 r (as) s
9 r (well) s
1012 2717 p (as) s
9 r 175 c
(aws) s
8 r (in) s
7 r (it,) s
8 r (rather) s
8 r (than) s
7 r (merely) s
8 r (listing) s
6 r (the) s
7 r (code) s
8 r (line) s
7 r (by) s
8 r (line.) s
965 2842 p 50 c
@eop
3 @bop0
/Courier /c-med.300 ReEncodeForTeX /c-med.300 /c-med.300 41.511000 TeXPSmakefont def
cmr7.300 @sf
[<FFE0FFE07FE0307018300C300E000700038001C001E000F000F070F0F8F0F9E0FBE07FC01F00> 12 19 -2 0 17] 50 @dc
cmr6.300 @sf
[<FFC0FFC07FC0306018600E000700038001C001E000E0E0E0E1E0C3C07F801F00> 11 16 -1 0 15] 50 @dc
3 @bop1
t-rom.300 @sf
-36 96 p (Conv) s
-1 r (ersely) s
-2 r 44 c
6 r (there) s
8 r (are) s
8 r (people) s
7 r (interested) s
7 r (in) s
7 r (the) s
8 r (intricate) s
6 r (detail) s
-36 146 p (of) s
7 r (how) s
8 r (and) s
9 r (why) s
9 r (certain) s
9 r (routines) s
7 r (were) s
10 r (used;) s
9 r (there) s
9 r (should) s
7 r (be) s
-36 196 p (enough) s
6 r (detail) s
7 r (here) s
8 r (to) s
7 r (satisfy) s
7 r (them) s
8 r (as) s
9 r (well.) s
13 r (Readers) s
8 r (will) s
7 r (also) s
-36 246 p 174 c
(nd) s
8 r (Seely[) s
56 c
93 c
10 r (and) s
11 r (Spaf) s
(ford') s
-2 r (s[) s
57 c
-2 r 93 c
10 r (papers) s
10 r (interesting.) s
t-bol.360 @sf
-36 369 p (1.4) s
49 r (Major) s
18 r (Points) s
t-rom.300 @sf
-36 448 p (This) s
13 r (section) s
15 r (provides) s
14 r (an) s
16 r (outline) s
13 r (of) s
15 r (the) s
15 r (how) s
15 r (the) s
14 r (virus) s
15 r (at-) s
-36 498 p (tacked) s
11 r (and) s
13 r (who) s
12 r (it) s
12 r (attacked.) s
21 r (It) s
12 r (also) s
13 r (lists) s
11 r (several) s
14 r (things) s
11 r (the) s
-36 548 p (viru) s
-1 r 115 c
11 r (did) s
11 r (not) s
12 r (do,) s
13 r (but) s
11 r (which) s
12 r (many) s
12 r (people) s
13 r (seem) s
13 r (to) s
12 r (have) s
13 r (at-) s
-36 598 p (trib) s
-1 r (ut) s
-1 r (ed) s
14 r (to) s
14 r (the) s
15 r (virus.) s
28 r (All) s
14 r (of) s
15 r (the) s
14 r (following) s
13 r (points) s
14 r (are) s
15 r (de-) s
-36 648 p (scribed) s
9 r (in) s
9 r (more) s
11 r (detail) s
10 r (in) s
9 r (Section) s
10 r (2.) s
t-bol.300 @sf
-36 763 p (1.4.1) s
40 r (How) s
16 r (it) s
15 r (enter) s
(ed) s
cmsy10.300 @sf
4 841 p 15 c
t-rom.300 @sf
21 r (sendmail) s
8 r (\(needed) s
9 r (debug) s
8 r (mode,) s
10 r (as) s
9 r (in) s
8 r (SunOS) s
9 r (binary) s
7 r (re-) s
46 891 p (leases\)) s
cmsy10.300 @sf
4 941 p 15 c
21 r t-rom.300 @sf
174 c
(nger[) s
(10) s
-1 r 93 c
10 r (\(only) s
9 r 86 c
-4 r (AX) s
9 r (hosts) s
10 r (were) s
11 r (victims\)) s
cmsy10.300 @sf
4 991 p 15 c
t-rom.300 @sf
21 r (remote) s
10 r (execution) s
10 r (system,) s
11 r (using) s
cmsy10.300 @sf
95 1040 p 15 c
t-rom.300 @sf
21 r (rexec) s
cmsy10.300 @sf
95 1090 p 15 c
t-rom.300 @sf
21 r (rsh) s
t-bol.300 @sf
-36 1205 p (1.4.2) s
40 r (Who) s
15 r (it) s
16 r (attacked) s
cmsy10.300 @sf
4 1284 p 15 c
t-rom.300 @sf
21 r (accounts) s
10 r (with) s
9 r (obvious) s
9 r (passwords,) s
11 r (such) s
10 r (as) s
cmsy10.300 @sf
95 1334 p 15 c
t-rom.300 @sf
21 r (none) s
10 r (at) s
10 r (all) s
cmsy10.300 @sf
95 1383 p 15 c
t-rom.300 @sf
21 r (the) s
10 r (user) s
10 r (name) s
cmsy10.300 @sf
95 1433 p 15 c
t-rom.300 @sf
21 r (the) s
10 r (user) s
10 r (name) s
12 r (appended) s
10 r (to) s
10 r (itself) s
cmsy10.300 @sf
95 1483 p 15 c
t-rom.300 @sf
21 r (the) s
10 r 96 c
-2 r (`nickname') s
-2 r 39 c
cmsy10.300 @sf
95 1533 p 15 c
t-rom.300 @sf
21 r (the) s
10 r (last) s
10 r (name) s
cmsy10.300 @sf
95 1583 p 15 c
t-rom.300 @sf
21 r (the) s
10 r (last) s
10 r (name) s
11 r (spelled) s
10 r (backwards) s
cmsy10.300 @sf
4 1632 p 15 c
t-rom.300 @sf
21 r (accounts) s
8 r (with) s
7 r (passwords) s
8 r (in) s
8 r 97 c
9 r (432) s
7 r (word) s
8 r (dictionary) s
7 r (\(see) s
46 1682 p (Appendix) s
9 r (B\)) s
cmsy10.300 @sf
4 1732 p 15 c
t-rom.300 @sf
21 r (accounts) s
10 r (with) s
9 r (passwords) s
11 r (in) s
c-med.300 @sf
9 r (/usr/dict/words) s
cmsy10.300 @sf
4 1782 p 15 c
t-rom.300 @sf
21 r (accounts) s
31 r (which) s
31 r (trusted) s
31 r (other) s
30 r (machines) s
33 r (via) s
31 r (the) s
c-med.300 @sf
46 1832 p (.rhosts) s
t-rom.300 @sf
9 r (mechanism) s
t-bol.300 @sf
-36 1947 p (1.4.3) s
40 r (What) s
15 r (it) s
15 r (attacked) s
cmsy10.300 @sf
4 2025 p 15 c
t-rom.300 @sf
21 r (SUNs) s
10 r (and) s
10 r 86 c
-4 r (AXes) s
10 r (only) s
cmsy10.300 @sf
4 2075 p 15 c
t-rom.300 @sf
21 r (machines) s
11 r (in) s
c-med.300 @sf
9 r (/etc/hosts.equiv) s
cmsy10.300 @sf
4 2125 p 15 c
t-rom.300 @sf
21 r (machines) s
11 r (in) s
c-med.300 @sf
9 r (/.rhosts) s
cmsy10.300 @sf
4 2175 p 15 c
t-rom.300 @sf
21 r (machines) s
11 r (in) s
9 r (cracked) s
12 r (accounts') s
c-med.300 @sf
10 r (.forward) s
10 r t-rom.300 @sf
174 c
(les) s
cmsy10.300 @sf
4 2225 p 15 c
t-rom.300 @sf
21 r (machines) s
11 r (in) s
9 r (cracked) s
12 r (accounts') s
c-med.300 @sf
10 r (.rhosts) s
10 r t-rom.300 @sf
174 c
(les) s
cmsy10.300 @sf
4 2274 p 15 c
t-rom.300 @sf
21 r (machines) s
10 r (listed) s
10 r (as) s
10 r (network) s
9 r (gateways) s
11 r (in) s
10 r (routing) s
8 r (tables) s
cmsy10.300 @sf
4 2324 p 15 c
t-rom.300 @sf
21 r (machines) s
11 r (at) s
10 r (the) s
10 r (far) s
11 r (end) s
10 r (of) s
10 r (point-to) s
-1 r (-poi) s
-1 r (nt) s
8 r (interfaces) s
cmsy10.300 @sf
4 2374 p 15 c
t-rom.300 @sf
21 r (possibly) s
11 r (machines) s
13 r (at) s
13 r (randomly) s
11 r (guessed) s
13 r (addresses) s
14 r (on) s
46 2424 p (networks) s
9 r (of) s
10 r 174 c
(rst) s
10 r (hop) s
10 r (gateways) s
t-bol.300 @sf
-36 2539 p (1.4.4) s
40 r (What) s
15 r (it) s
15 r (did) s
16 r (NOT) s
16 r (do) s
cmsy10.300 @sf
4 2617 p 15 c
t-rom.300 @sf
21 r (gain) s
17 r (privileged) s
17 r (access) s
20 r (\(it) s
17 r (almost) s
18 r (never) s
18 r (broke) s
17 r (in) s
18 r (as) s
c-med.300 @sf
46 2667 p (root) s
t-rom.300 @sf
41 c
cmsy10.300 @sf
4 2717 p 15 c
t-rom.300 @sf
21 r (destroy) s
9 r (or) s
10 r (attempt) s
10 r (to) s
10 r (destroy) s
9 r (any) s
11 r (data) s
cmsy10.300 @sf
1054 96 p 15 c
t-rom.300 @sf
20 r (leave) s
11 r (time) s
11 r (bombs) s
10 r (behind) s
cmsy10.300 @sf
1054 146 p 15 c
t-rom.300 @sf
20 r (dif) s
(ferentiate) s
26 r (among) s
27 r (networks) s
26 r (\(such) s
28 r (as) s
27 r (MILNET) s
-2 r 44 c
1095 196 p (ARP) s
-3 r (ANET\)) s
cmsy10.300 @sf
1054 246 p 15 c
t-rom.300 @sf
20 r (use) s
11 r (UUCP) s
10 r (at) s
11 r (all) s
cmsy10.300 @sf
1054 295 p 15 c
t-rom.300 @sf
20 r (attack) s
8 r (speci) s
174 c
99 c
8 r (well-known) s
5 r (or) s
7 r (privileged) s
6 r (accounts) s
7 r (such) s
1095 345 p (as) s
c-med.300 @sf
11 r (root) s
t-bol.420 @sf
1012 490 p 50 c
59 r (Strategies) s
t-bol.360 @sf
1012 592 p (2.1) s
51 r (Attacks) s
t-rom.300 @sf
1012 671 p (This) s
9 r (virus) s
7 r (attacked) s
8 r (several) s
9 r (things,) s
8 r (directly) s
7 r (and) s
8 r (indirectly) s
-2 r 46 c
11 r (It) s
1012 721 p (picked) s
8 r (out) s
8 r (some) s
8 r (deliberate) s
8 r (tar) s
(gets,) s
8 r (such) s
9 r (as) s
8 r (speci) s
174 c
99 c
9 r (network) s
1012 771 p (daemons) s
16 r (through) s
12 r (which) s
14 r (to) s
14 r (infect) s
14 r (the) s
14 r (remote) s
15 r (host.) s
26 r (There) s
1012 821 p (were) s
15 r (also) s
13 r (less) s
14 r (direct) s
14 r (tar) s
(gets,) s
13 r (such) s
14 r (as) s
14 r (mail) s
14 r (service) s
14 r (and) s
14 r (the) s
1012 871 p 175 c
(ow) s
11 r (of) s
10 r (information) s
8 r (about) s
10 r (the) s
10 r (virus.) s
t-bol.300 @sf
1012 985 p (2.1.1) s
42 r (Sendmail) s
15 r (Debug) s
16 r (Mode) s
t-rom.300 @sf
1012 1065 p (The) s
14 r (virus) s
11 r (exploited) s
12 r (the) s
12 r 96 c
-2 r (`debug') s
-3 r 39 c
10 r (function) s
12 r (of) s
c-med.300 @sf
12 r (sendmail) s
t-rom.300 @sf
44 c
1012 1114 p (which) s
10 r (enables) s
11 r (debugging) s
8 r (mode) s
11 r (for) s
9 r (the) s
10 r (duration) s
9 r (of) s
10 r (the) s
10 r (cur-) s
1012 1164 p (rent) s
14 r (connection.) s
23 r (Debugging) s
12 r (mode) s
13 r (has) s
14 r (many) s
14 r (features,) s
15 r (in-) s
1012 1214 p (cluding) s
11 r (the) s
12 r (ability) s
10 r (to) s
11 r (send) s
12 r 97 c
12 r (mail) s
12 r (message) s
14 r (with) s
10 r 97 c
13 r (program) s
1012 1264 p (as) s
12 r (the) s
11 r (recipient) s
11 r (\(i.e.) s
17 r (the) s
11 r (program) s
11 r (would) s
10 r (run,) s
11 r (with) s
11 r (all) s
10 r (of) s
11 r (its) s
1012 1314 p (input) s
10 r (coming) s
10 r (from) s
11 r (the) s
10 r (body) s
10 r (of) s
11 r (the) s
11 r (message\).) s
17 r (This) s
11 r (is) s
10 r (inap-) s
1012 1363 p (propriate) s
10 r (and) s
11 r (rumor[) s
49 c
-1 r 49 c
-2 r 93 c
10 r (has) s
11 r (it) s
10 r (that) s
10 r (the) s
10 r (author) s
10 r (included) s
9 r (this) s
1012 1413 p (feature) s
14 r (to) s
13 r (allow) s
12 r (him) s
13 r (to) s
13 r (circumvent) s
13 r (security) s
12 r (on) s
13 r 97 c
14 r (machine) s
1012 1463 p (he) s
13 r (was) s
12 r (using) s
12 r (for) s
11 r (testing.) s
18 r (It) s
12 r (certainly) s
11 r (exceeds) s
14 r (the) s
11 r (intended) s
1012 1513 p (design) s
10 r (of) s
10 r (the) s
10 r (Simple) s
10 r (Mail) s
10 r 84 c
(ransfer) s
10 r (Protocol) s
9 r (\(SMTP\)) s
10 r 91 c
(12) s
-1 r (].) s
1054 1564 p (Speci) s
174 c
(cation) s
14 r (of) s
13 r 97 c
15 r (program) s
14 r (to) s
13 r (execute) s
15 r (when) s
14 r (mail) s
14 r (is) s
13 r (re-) s
1012 1613 p (ceived) s
15 r (is) s
13 r (normally) s
13 r (allowed) s
14 r (in) s
13 r (the) s
c-med.300 @sf
14 r (sendmail) s
t-rom.300 @sf
13 r (aliases) s
14 r 174 c
(le) s
1012 1663 p (or) s
11 r (users') s
c-med.300 @sf
11 r (.forward) s
10 r t-rom.300 @sf
174 c
(les) s
11 r (directly) s
-2 r 44 c
10 r (for) s
c-med.300 @sf
10 r (vacation) s
cmr7.300 @sf
1874 1649 p 50 c
t-rom.300 @sf
1892 1663 p 44 c
12 r (mail) s
1012 1713 p (archive) s
13 r (programs,) s
12 r (and) s
12 r (personal) s
12 r (mail) s
12 r (sorters.) s
18 r (It) s
12 r (is) s
t-ita.300 @sf
11 r (not) s
t-rom.300 @sf
11 r (nor-) s
1012 1763 p (mally) s
12 r (allowed) s
12 r (for) s
12 r (incoming) s
11 r (connections.) s
19 r (In) s
12 r (the) s
12 r (virus,) s
12 r (the) s
1012 1813 p 96 c
-2 r (`recipient') s
-3 r 39 c
12 r (was) s
15 r 97 c
15 r (command) s
15 r (to) s
13 r (strip) s
14 r (of) s
102 c
13 r (the) s
14 r (mail) s
14 r (headers) s
1012 1862 p (and) s
14 r (pass) s
15 r (the) s
13 r (remainder) s
14 r (of) s
14 r (the) s
13 r (message) s
15 r (to) s
14 r 97 c
14 r (command) s
14 r (in-) s
1012 1912 p (terpreter) s
-1 r 46 c
17 r (The) s
13 r (body) s
10 r (was) s
13 r 97 c
12 r (script) s
11 r (that) s
11 r (created) s
13 r 97 c
12 r 67 c
11 r (program,) s
1012 1962 p (the) s
8 r 96 c
-2 r (`grappli) s
-1 r (ng) s
6 r (hook,') s
-2 r 39 c
6 r (which) s
7 r (transfered) s
8 r (the) s
8 r (rest) s
8 r (of) s
7 r (the) s
8 r (mod-) s
1012 2012 p (ules) s
13 r (from) s
13 r (the) s
12 r (originiati) s
-1 r (ng) s
11 r (host,) s
13 r (and) s
13 r (the) s
12 r (commands) s
14 r (to) s
12 r (link) s
1012 2062 p (and) s
11 r (execute) s
11 r (them.) s
15 r (Both) s
9 r 86 c
-4 r (AX) s
9 r (and) s
11 r (Sun) s
10 r (binaries) s
10 r (were) s
11 r (trans-) s
1012 2111 p (fered) s
13 r (and) s
12 r (both) s
10 r (would) s
11 r (be) s
12 r (tried) s
11 r (in) s
12 r (turn,) s
11 r (no) s
12 r (attempt) s
11 r (to) s
12 r (deter-) s
1012 2161 p (mine) s
14 r (the) s
13 r (machine) s
14 r (type) s
13 r (was) s
14 r (made.) s
24 r (On) s
13 r (other) s
12 r (architectures) s
1012 2211 p (the) s
9 r (programs) s
10 r (would) s
8 r (not) s
8 r (run,) s
9 r (but) s
8 r (would) s
9 r (use) s
9 r (resources) s
10 r (in) s
9 r (the) s
1012 2261 p (linking) s
7 r (process.) s
14 r (All) s
7 r (other) s
8 r (attacks) s
9 r (used) s
9 r (the) s
8 r (same) s
10 r 96 c
-2 r (`grappl) s
-1 r (ing) s
1012 2311 p (hook') s
-2 r 39 c
7 r (mechanism,) s
10 r (but) s
8 r (used) s
9 r (other) s
8 r 175 c
(aws) s
9 r (to) s
8 r (inject) s
8 r (the) s
8 r 96 c
-2 r (`grap-) s
1012 2361 p (pling) s
9 r (hook') s
-2 r 39 c
8 r (into) s
9 r (the) s
10 r (tar) s
(get) s
9 r (machine.) s
1054 2411 p (The) s
10 r (fact) s
11 r (that) s
9 r (debug) s
9 r (was) s
11 r (enabled) s
10 r (by) s
9 r (default) s
10 r (was) s
10 r (reported) s
1012 2461 p (to) s
11 r (Berkeley) s
12 r (by) s
11 r (several) s
12 r (sources) s
12 r (during) s
10 r (the) s
11 r (4.2BSD) s
11 r (release.) s
1012 2511 p (The) s
15 r (4.3BSD) s
14 r (release) s
16 r (as) s
15 r (well) s
14 r (as) s
15 r (Sun) s
14 r (releases) s
15 r (still) s
13 r (had) s
14 r (this) s
1012 2561 p (option) s
9 r (enabled) s
11 r (by) s
10 r (default) s
10 r 91 c
(13) s
-1 r (].) s
15 r (The) s
12 r (then) s
10 r (current) s
10 r (release) s
12 r (of) s
1012 2600 p 390 2 ru
cmr6.300 @sf
1055 2627 p 50 c
t-rom.240 @sf
1072 2638 p 65 c
10 r (program) s
8 r (which) s
9 r (accepts) s
8 r (incoming) s
8 r (mail) s
10 r (and) s
8 r (sends) s
9 r (back) s
8 r (mail) s
9 r (to) s
10 r (the) s
1012 2678 p (original) s
7 r (sender) s
44 c
5 r (usually) s
7 r (saying) s
6 r (something) s
6 r (like) s
7 r 96 c
-1 r (`I) s
6 r (am) s
7 r (on) s
7 r (vacation,) s
6 r (and) s
7 r (will) s
1012 2717 p (not) s
8 r (read) s
8 r (your) s
7 r (mail) s
8 r (until) s
8 r 73 c
9 r (return.') s
-1 r 39 c
t-rom.300 @sf
965 2842 p 51 c
@eop
4 @bop0
cmr7.300 @sf
[<1FC03FF07078F838F83CF83C703C003800700FC00FC000F0007038787878787838703FE00FC0> 14 19 -1 0 17] 51 @dc
cmr6.300 @sf
[<3F007F80E1C0E1E041E001E001C003C00F000F80038023C073C073C03F801F00> 11 16 -1 0 15] 51 @dc
cmr7.300 @sf
[<07FC07FC00E000E000E000E0FFFCFFFCE0E070E030E018E01CE00EE007E003E001E001E000E0> 14 19 -1 0 17] 52 @dc
cmr6.300 @sf
[<1FE01FE0038003800380FFE0FFE0E380738033801B801F800F80078007800380> 11 16 -1 0 15] 52 @dc
4 @bop1
t-rom.300 @sf
-36 96 p (Ultr) s
-1 r (ix) s
10 r (did) s
12 r (not) s
12 r (have) s
13 r (debug) s
12 r (mode) s
13 r (enabled,) s
14 r (but) s
12 r (the) s
12 r (beta) s
13 r (test) s
-36 146 p (version) s
13 r (of) s
15 r (the) s
15 r (newest) s
16 r (release) s
16 r (did) s
15 r (have) s
15 r (debug) s
15 r (enabled) s
16 r (\(it) s
-36 196 p (was) s
11 r (disabled) s
12 r (before) s
12 r 174 c
(nally) s
12 r (being) s
11 r (shipped\).) s
19 r (MIT') s
-1 r 115 c
11 r (Project) s
-36 246 p (Athena) s
14 r (was) s
16 r (among) s
15 r 97 c
16 r (number) s
15 r (of) s
15 r (sites) s
15 r (which) s
15 r (went) s
15 r (out) s
15 r (of) s
-36 295 p (its) s
9 r (way) s
11 r (to) s
10 r (disable) s
11 r (debug) s
10 r (mode;) s
11 r (however) s
-1 r 44 c
11 r (it) s
10 r (is) s
11 r (unlikely) s
9 r (that) s
-36 345 p (many) s
9 r (binary-only) s
8 r (sites) s
10 r (were) s
11 r (able) s
11 r (to) s
10 r (be) s
10 r (as) s
11 r (diligent.) s
t-bol.300 @sf
-36 483 p (2.1.2) s
40 r (Finger) s
17 r (Daemon) s
15 r (Bug) s
t-rom.300 @sf
-36 570 p (The) s
12 r (virus) s
11 r (hit) s
11 r (the) s
12 r 174 c
(nger) s
13 r (daemon) s
13 r 40 c
c-med.300 @sf
(fingerd) s
t-rom.300 @sf
41 c
11 r (by) s
12 r (over) s
175 c
(ow-) s
-36 620 p (ing) s
11 r 97 c
14 r (buf) s
(fer) s
13 r (which) s
13 r (was) s
14 r (allocated) s
14 r (on) s
13 r (the) s
13 r (stack.) s
25 r (The) s
14 r (over-) s
-36 670 p 175 c
(ow) s
11 r (was) s
13 r (possible) s
12 r (because) s
c-med.300 @sf
14 r (fingerd) s
t-rom.300 @sf
12 r (used) s
13 r 97 c
13 r (library) s
12 r (func-) s
-36 720 p (tio) s
-1 r 110 c
8 r (which) s
9 r (did) s
9 r (not) s
8 r (do) s
10 r (range) s
9 r (checking.) s
14 r (Since) s
10 r (the) s
10 r (buf) s
(fer) s
8 r (was) s
-36 770 p (on) s
13 r (the) s
15 r (stack,) s
17 r (the) s
15 r (over) s
175 c
(ow) s
15 r (allowed) s
14 r 97 c
16 r (fake) s
16 r (stack) s
15 r (frame) s
16 r (to) s
-36 819 p (be) s
11 r (created,) s
15 r (which) s
12 r (caused) s
13 r 97 c
13 r (small) s
13 r (piece) s
13 r (of) s
12 r (code) s
13 r (to) s
12 r (be) s
13 r (exe-) s
-36 869 p (cuted) s
10 r (when) s
11 r (the) s
12 r (procedure) s
11 r (returned) s
cmr7.300 @sf
555 855 p 51 c
t-rom.300 @sf
573 869 p 46 c
18 r (The) s
12 r (library) s
10 r (function) s
-36 919 p (in) s
12 r (question) s
12 r (turns) s
13 r (out) s
13 r (to) s
13 r (be) s
14 r 97 c
14 r (backward-compatibility) s
11 r (rou-) s
-36 969 p (tin) s
-1 r (e,) s
10 r (which) s
9 r (should) s
9 r (not) s
10 r (have) s
11 r (been) s
10 r (needed) s
11 r (after) s
11 r (1979) s
9 r 91 c
(14) s
-1 r (].) s
4 1024 p (Only) s
16 r (4.3BSD) s
17 r 86 c
-4 r (AX) s
16 r (machines) s
18 r (were) s
18 r (attacked) s
17 r (this) s
17 r (way) s
-2 r 46 c
-36 1074 p (The) s
14 r (virus) s
14 r (did) s
14 r (not) s
14 r (attempt) s
14 r 97 c
16 r (Sun) s
14 r (speci) s
174 c
99 c
16 r (attack) s
15 r (on) s
15 r 174 c
(nger) s
-36 1123 p (and) s
13 r (its) s
14 r 86 c
-4 r (AX) s
13 r (attack) s
14 r (failed) s
15 r (when) s
14 r (invoked) s
13 r (on) s
14 r 97 c
15 r (Sun) s
14 r (tar) s
(get.) s
-36 1173 p (Ultr) s
-1 r (ix) s
9 r (was) s
13 r (not) s
11 r (vulnerable) s
11 r (to) s
11 r (this) s
10 r (since) s
12 r (production) s
10 r (releases) s
-36 1223 p (did) s
8 r (not) s
9 r (include) s
10 r 97 c
c-med.300 @sf
11 r (fingerd) s
t-rom.300 @sf
46 c
t-bol.300 @sf
-36 1361 p (2.1.3) s
40 r (Rexec) s
17 r (and) s
16 r (Passwords) s
t-rom.300 @sf
-36 1448 p (The) s
16 r (virus) s
17 r (attacked) s
18 r (using) s
16 r (the) s
17 r (Berkeley) s
17 r (remote) s
18 r (execution) s
-36 1498 p (prot) s
-1 r (ocol,) s
9 r (which) s
10 r (required) s
10 r (the) s
11 r (user) s
11 r (name) s
11 r (and) s
11 r (plaintext) s
9 r (pass-) s
-36 1548 p (word) s
5 r (to) s
7 r (be) s
7 r (passed) s
8 r (over) s
7 r (the) s
7 r (net.) s
13 r (The) s
8 r (program) s
7 r (only) s
6 r (used) s
8 r (pairs) s
-36 1598 p (of) s
12 r (user) s
15 r (names) s
15 r (and) s
14 r (passwords) s
15 r (which) s
14 r (it) s
13 r (had) s
14 r (already) s
15 r (tested) s
-36 1647 p (and) s
7 r (found) s
7 r (to) s
7 r (be) s
9 r (correct) s
8 r (on) s
8 r (the) s
8 r (local) s
8 r (host.) s
13 r 65 c
8 r (common,) s
10 r (world) s
-36 1697 p (readable) s
7 r 174 c
(le) s
7 r 40 c
c-med.300 @sf
(/etc/passwd) s
t-rom.300 @sf
41 c
7 r (that) s
6 r (contains) s
7 r (the) s
8 r (user) s
7 r (names) s
-36 1747 p (and) s
11 r (encrypted) s
13 r (passwords) s
12 r (for) s
13 r (every) s
13 r (user) s
12 r (on) s
13 r (the) s
12 r (system) s
13 r (fa-) s
-36 1797 p (cilit) s
-1 r (ated) s
9 r (this) s
9 r (search.) s
15 r (Speci) s
174 c
(cally:) s
cmsy10.300 @sf
4 1852 p 15 c
t-rom.300 @sf
21 r (this) s
9 r 174 c
(le) s
10 r (was) s
10 r (an) s
11 r (easy-to-obtain) s
8 r (list) s
9 r (of) s
10 r (user) s
10 r (names) s
11 r (to) s
10 r (at-) s
46 1902 p (tack,) s
cmsy10.300 @sf
4 1951 p 15 c
t-rom.300 @sf
21 r (the) s
11 r (dictionary) s
10 r (attack) s
12 r (was) s
12 r 97 c
13 r (method) s
11 r (of) s
11 r (verifying) s
10 r (pass-) s
46 2001 p (word) s
15 r (guesses) s
16 r (which) s
15 r (would) s
15 r (not) s
15 r (be) s
16 r (noted) s
15 r (in) s
15 r (security) s
46 2051 p (logs.) s
-36 2106 p (The) s
14 r (principle) s
13 r (of) s
14 r 96 c
-2 r (`least) s
14 r (privilege') s
-3 r 39 c
13 r 91 c
(15) s
-1 r 93 c
15 r (is) s
14 r (violated) s
14 r (by) s
14 r (the) s
-36 2156 p (existence) s
11 r (of) s
12 r (this) s
11 r (password) s
12 r 174 c
(le.) s
20 r 84 c
-2 r (ypical) s
11 r (programs) s
12 r (have) s
13 r (no) s
-36 2205 p (need) s
11 r (for) s
12 r 97 c
12 r (list) s
11 r (of) s
12 r (user) s
12 r (names) s
14 r (and) s
12 r (password) s
12 r (strings,) s
11 r (so) s
12 r (this) s
-36 2255 p (priv) s
-1 r (il) s
-1 r (eged) s
8 r (information) s
6 r (should) s
8 r (not) s
8 r (be) s
9 r (available) s
8 r (to) s
8 r (them.) s
14 r (For) s
-36 2305 p (example,) s
12 r (Project) s
12 r (Athena') s
-1 r 115 c
11 r (network) s
11 r (authentication) s
11 r (system,) s
t-ita.300 @sf
-36 2355 p (Kerber) s
-1 r (os) s
t-rom.300 @sf
11 r 91 c
(16) s
-1 r (],) s
13 r (keeps) s
13 r (passwords) s
12 r (on) s
12 r 97 c
13 r (central) s
12 r (server) s
13 r (which) s
-36 2405 p (logs) s
14 r (authentication) s
14 r (requests,) s
18 r (thus) s
15 r (hiding) s
14 r (the) s
16 r (list) s
15 r (of) s
15 r (valid) s
-36 2454 p (user) s
12 r (names.) s
24 r (However) s
-1 r 44 c
14 r (once) s
14 r 97 c
14 r (name) s
14 r (is) s
13 r (found,) s
14 r (the) s
13 r (authen-) s
-36 2504 p (ticatio) s
-1 r 110 c
8 r 96 c
-2 r (`ticket') s
-3 r 39 c
8 r (is) s
10 r (still) s
9 r (vulnerable) s
10 r (to) s
9 r (dictionary) s
9 r (attack.) s
-36 2560 p 390 2 ru
cmr6.300 @sf
5 2588 p 51 c
t-rom.240 @sf
22 2599 p (MIT') s
-1 r 115 c
5 r (Project) s
7 r (Athena) s
5 r (has) s
5 r 97 c
6 r 96 c
-1 r (`write') s
-1 r 39 c
4 r (daemon) s
4 r (which) s
6 r (has) s
5 r 97 c
6 r (similar) s
6 r (piece) s
-36 2638 p (of) s
7 r (code) s
5 r (with) s
7 r (the) s
8 r (same) s
6 r 175 c
(aw) s
8 r (but) s
7 r (it) s
8 r (explicitly) s
7 r (exits) s
7 r (rather) s
7 r (than) s
7 r (returning,) s
7 r (and) s
-36 2678 p (thus) s
6 r (never) s
7 r (uses) s
8 r (the) s
8 r (\(damaged\)) s
6 r (return) s
8 r (stack.) s
11 r 65 c
8 r (comment) s
7 r (in) s
8 r (the) s
8 r (code) s
7 r (notes) s
-36 2717 p (that) s
7 r (it) s
8 r (is) s
9 r (mostly) s
8 r (copied) s
6 r (from) s
8 r (the) s
8 r 174 c
(nger) s
8 r (daemon.) s
t-bol.300 @sf
1012 96 p (2.1.4) s
42 r (Rsh) s
16 r (and) s
16 r 84 c
-2 r (rust) s
t-rom.300 @sf
1012 192 p (The) s
14 r (virus) s
11 r (attempted) s
12 r (to) s
12 r (use) s
13 r (the) s
12 r (Berkeley) s
13 r (remote) s
12 r (shell) s
12 r (pro-) s
1012 241 p (gram) s
13 r (\(called) s
c-med.300 @sf
12 r (rsh) s
t-rom.300 @sf
41 c
12 r (to) s
11 r (attack) s
13 r (other) s
11 r (machines) s
13 r (without) s
11 r (using) s
1012 291 p (passwords.) s
25 r (The) s
14 r (remote) s
14 r (shell) s
13 r (utility) s
11 r (is) s
14 r (similar) s
13 r (in) s
13 r (function) s
1012 341 p (to) s
11 r (the) s
11 r (remote) s
11 r (execution) s
10 r (system,) s
12 r (although) s
9 r (it) s
11 r (is) s
10 r 96 c
-2 r (`friendli) s
-1 r (er) s
2 r 39 c
-3 r 39 c
1012 391 p (since) s
10 r (the) s
10 r (remote) s
10 r (end) s
9 r (of) s
10 r (the) s
9 r (connection) s
9 r (is) s
9 r 97 c
10 r (command) s
11 r (inter-) s
1012 441 p (preter) s
-1 r 44 c
10 r (instead) s
10 r (of) s
10 r (the) s
t-ita.300 @sf
11 r (exec) s
t-rom.300 @sf
12 r (function.) s
12 r (For) s
10 r (convenience,) s
12 r 97 c
10 r 174 c
(le) s
c-med.300 @sf
1012 490 p (/etc/hosts.equiv) s
t-rom.300 @sf
12 r (can) s
15 r (contain) s
12 r 97 c
14 r (list) s
13 r (of) s
13 r (hosts) s
12 r (trusted) s
1012 540 p (by) s
11 r (this) s
10 r (host.) s
15 r (The) s
c-med.300 @sf
11 r (.rhosts) s
10 r t-rom.300 @sf
174 c
(le) s
11 r (provides) s
10 r (similar) s
10 r (function-) s
1012 590 p (ality) s
9 r (on) s
10 r 97 c
11 r (per) s
(-user) s
9 r (basis.) s
14 r (The) s
11 r (remote) s
10 r (host) s
9 r (can) s
11 r (pass) s
10 r (the) s
10 r (user) s
1012 640 p (name) s
15 r (from) s
14 r 97 c
15 r (trusted) s
13 r (port) s
13 r (\(one) s
13 r (which) s
14 r (can) s
15 r (only) s
12 r (be) s
15 r (opened) s
1012 690 p (by) s
c-med.300 @sf
10 r (root) s
t-rom.300 @sf
41 c
10 r (and) s
10 r (the) s
10 r (local) s
9 r (host) s
10 r (will) s
8 r (trust) s
9 r (that) s
10 r (as) s
10 r (proof) s
9 r (that) s
10 r (the) s
1012 739 p (connection) s
10 r (is) s
10 r (being) s
10 r (made) s
11 r (for) s
10 r (the) s
10 r (named) s
11 r (user) s
-1 r 46 c
1054 799 p (This) s
12 r (system) s
12 r (has) s
13 r (an) s
12 r (important) s
11 r (design) s
11 r 175 c
(aw) s
-2 r 44 c
13 r (which) s
11 r (is) s
12 r (that) s
1012 848 p (the) s
14 r (local) s
14 r (host) s
13 r (only) s
13 r (knows) s
13 r (the) s
14 r (remote) s
14 r (host) s
14 r (by) s
13 r (its) s
13 r (network) s
1012 898 p (address,) s
15 r (which) s
13 r (can) s
14 r (often) s
12 r (be) s
13 r (for) s
(ged.) s
21 r (It) s
13 r (also) s
13 r (trusts) s
12 r (the) s
13 r (ma-) s
1012 948 p (chine,) s
13 r (rather) s
12 r (than) s
11 r (any) s
12 r (property) s
10 r (of) s
12 r (the) s
11 r (user) s
-1 r 44 c
12 r (leaving) s
11 r (the) s
12 r (ac-) s
1012 998 p (count) s
12 r (open) s
11 r (to) s
11 r (attack) s
13 r (at) s
11 r (all) s
12 r (times) s
12 r (rather) s
11 r (than) s
12 r (when) s
12 r (the) s
11 r (user) s
1012 1048 p (is) s
11 r (present) s
11 r 91 c
(16) s
(].) s
16 r (The) s
12 r (virus) s
10 r (took) s
10 r (advantage) s
11 r (of) s
11 r (the) s
11 r (latter) s
10 r 175 c
(aw) s
1012 1097 p (to) s
11 r (propagate) s
11 r (between) s
11 r (accounts) s
12 r (on) s
11 r (trusted) s
10 r (machines.) s
18 r (Least) s
1012 1147 p (privilege) s
14 r (would) s
13 r (also) s
15 r (indicate) s
14 r (that) s
14 r (the) s
15 r (lists) s
14 r (of) s
14 r (trusted) s
14 r (ma-) s
1012 1197 p (chines) s
13 r (be) s
12 r (only) s
11 r (accessible) s
14 r (to) s
11 r (the) s
12 r (daemons) s
13 r (who) s
11 r (need) s
13 r (to) s
11 r (de-) s
1012 1247 p (cide) s
11 r (to) s
10 r (whether) s
10 r (or) s
10 r (not) s
9 r (to) s
10 r (grant) s
9 r (access) s
1 r 46 c
t-bol.300 @sf
1012 1408 p (2.1.5) s
42 r (Information) s
15 r (Flow) s
t-rom.300 @sf
1012 1504 p (When) s
16 r (it) s
14 r (became) s
17 r (clear) s
15 r (that) s
15 r (the) s
15 r (virus) s
14 r (was) s
15 r (propagating) s
14 r (via) s
c-med.300 @sf
1012 1554 p (sendmail) s
t-rom.300 @sf
44 c
13 r (the) s
11 r 174 c
(rst) s
12 r (reaction) s
12 r (of) s
11 r (many) s
12 r (sites) s
12 r (was) s
13 r (to) s
11 r (cut) s
12 r (of) s
102 c
1012 1603 p (mail) s
10 r (service.) s
15 r (This) s
10 r (turned) s
9 r (out) s
10 r (to) s
9 r (be) s
11 r 97 c
t-ita.300 @sf
10 r (serious) s
t-rom.300 @sf
10 r (mistake,) s
11 r (since) s
1012 1653 p (it) s
9 r (cut) s
10 r (of) s
102 c
9 r (the) s
9 r (information) s
8 r (needed) s
11 r (to) s
9 r 174 c
120 c
10 r (the) s
9 r (problem.) s
14 r (Mailer) s
1012 1703 p (programs) s
12 r (on) s
10 r (major) s
12 r (forwarding) s
9 r (nodes,) s
12 r (such) s
12 r (as) s
t-ita.300 @sf
12 r 114 c
-1 r (elay) s
-1 r (.cs.net) s
t-rom.300 @sf
44 c
1012 1753 p (were) s
10 r (shut) s
8 r (down) s
8 r (delaying) s
8 r (some) s
10 r (critical) s
8 r (messages) s
11 r (by) s
8 r (as) s
10 r (long) s
1012 1803 p (as) s
18 r (twenty) s
15 r (hours.) s
32 r (Since) s
17 r (the) s
16 r (virus) s
16 r (had) s
16 r (alternate) s
17 r (infection) s
1012 1852 p (channels) s
9 r 40 c
c-med.300 @sf
(rexec) s
t-rom.300 @sf
7 r (and) s
c-med.300 @sf
8 r (finger) s
t-rom.300 @sf
(\),) s
8 r (this) s
7 r (made) s
8 r (the) s
8 r (isolated) s
7 r (ma-) s
1012 1902 p (chine) s
10 r 97 c
9 r (safe) s
10 r (haven) s
9 r (for) s
9 r (the) s
9 r (virus,) s
9 r (as) s
9 r (well) s
9 r (as) s
10 r (cutting) s
7 r (of) s
102 c
8 r (infor-) s
1012 1952 p (mation) s
8 r (from) s
9 r (machines) s
9 r (further) s
8 r 96 c
-2 r (`downst) s
-1 r (ream') s
-2 r 39 c
7 r (\(thus) s
7 r (placing) s
1012 2002 p (them) s
8 r (in) s
7 r (greater) s
8 r (danger\)) s
7 r (since) s
8 r (no) s
8 r (information) s
5 r (about) s
7 r (the) s
7 r (virus) s
1012 2052 p (could) s
8 r (reach) s
8 r (them) s
8 r (by) s
8 r (mail) s
cmr7.300 @sf
1425 2038 p 52 c
t-rom.300 @sf
1443 2052 p 46 c
14 r (Thus,) s
8 r (by) s
8 r (attacking) s
c-med.300 @sf
7 r (sendmail) s
t-rom.300 @sf
44 c
1012 2102 p (the) s
16 r (virus) s
15 r (indirectly) s
14 r (attacked) s
16 r (the) s
15 r 175 c
(ow) s
16 r (of) s
15 r (information) s
14 r (that) s
1012 2151 p (was) s
11 r (the) s
11 r (only) s
9 r (real) s
10 r (defense) s
11 r (against) s
10 r (its) s
10 r (spread.) s
t-bol.360 @sf
1012 2321 p (2.2) s
51 r (Self) s
18 r (Pr) s
(otection) s
t-rom.300 @sf
1012 2417 p (The) s
12 r (virus) s
11 r (used) s
11 r 97 c
12 r (number) s
11 r (of) s
11 r (techniques) s
11 r (to) s
11 r (evade) s
12 r (detection.) s
1012 2466 p (It) s
15 r (attempted) s
15 r (both) s
14 r (to) s
14 r (cover) s
15 r (it) s
14 r (tracks) s
15 r (and) s
15 r (to) s
15 r (blend) s
14 r (into) s
14 r (the) s
1012 2516 p (normal) s
11 r (UNIX) s
11 r (environment) s
9 r (using) s
10 r (camou) s
175 c
(age.) s
17 r (These) s
12 r (tech-) s
1012 2566 p (niques) s
10 r (had) s
11 r (had) s
10 r (varying) s
9 r (degrees) s
11 r (of) s
10 r (ef) s
(fectiveness.) s
1012 2639 p 390 2 ru
cmr6.300 @sf
1055 2667 p 52 c
t-rom.240 @sf
1072 2678 p (USENET) s
16 r (news) s
13 r 91 c
(17) s
-1 r 93 c
15 r (was) s
13 r (an) s
14 r (ef) s
(fective) s
13 r (side-channe) s
-1 r 108 c
13 r (of) s
14 r (information) s
1012 2717 p (spread,) s
8 r (although) s
6 r 97 c
8 r (number) s
7 r (of) s
8 r (sites) s
8 r (disabled) s
7 r (that) s
8 r (as) s
8 r (well.) s
t-rom.300 @sf
965 2842 p 52 c
@eop
5 @bop0
cmr7.300 @sf
[<07C01FE038707038703CF03CF03CF03CF03CF838FFF0F7E0F0007030787838781C380FF003E0> 14 19 -1 0 17] 54 @dc
5 @bop1
t-bol.300 @sf
-36 96 p (2.2.1) s
40 r (Covering) s
16 r 84 c
-2 r (racks) s
t-rom.300 @sf
-36 179 p (The) s
13 r (program) s
14 r (did) s
14 r 97 c
15 r (number) s
14 r (of) s
14 r (things) s
12 r (to) s
14 r (cover) s
15 r (its) s
13 r (trail.) s
25 r (It) s
-36 229 p (erased) s
10 r (its) s
9 r (ar) s
(gument) s
9 r (list,) s
10 r (once) s
10 r (it) s
9 r (had) s
10 r 174 c
(nished) s
10 r (processing) s
10 r (the) s
-36 279 p (ar) s
(guments,) s
11 r (so) s
13 r (that) s
12 r (the) s
13 r (process) s
13 r (status) s
12 r (command) s
14 r (would) s
11 r (not) s
-36 329 p (show) s
9 r (how) s
9 r (it) s
10 r (was) s
11 r (invoked.) s
4 381 p (It) s
12 r (also) s
13 r (deleted) s
12 r (the) s
13 r (executing) s
12 r (binary) s
-2 r 44 c
12 r (which) s
12 r (would) s
12 r (leave) s
-36 431 p (the) s
14 r (data) s
17 r (intact) s
15 r (but) s
15 r (unnamed,) s
18 r (and) s
16 r (only) s
15 r (referenced) s
17 r (by) s
16 r (the) s
-36 481 p (execution) s
13 r (of) s
14 r (the) s
15 r (program.) s
28 r (If) s
14 r (the) s
15 r (machine) s
16 r (were) s
15 r (rebooted) s
-36 531 p (whil) s
-1 r 101 c
14 r (the) s
14 r (virus) s
14 r (was) s
15 r (actually) s
15 r (running,) s
14 r (the) s
15 r 174 c
(le) s
14 r (system) s
16 r (sal-) s
-36 580 p (vager) s
8 r (would) s
8 r (recover) s
9 r (the) s
9 r 174 c
(le) s
9 r (after) s
9 r (the) s
9 r (reboot.) s
13 r (Otherwise) s
9 r (the) s
-36 630 p (progr) s
-1 r (am) s
10 r (would) s
9 r (vanish) s
9 r (after) s
11 r (exiting.) s
4 683 p (The) s
15 r (program) s
13 r (also) s
14 r (used) s
14 r (resource) s
15 r (limit) s
13 r (functions) s
12 r (to) s
14 r (pre-) s
-36 733 p (vent) s
10 r 97 c
12 r (core) s
13 r (dump.) s
18 r (Thus,) s
13 r (it) s
11 r (prevented) s
11 r (any) s
12 r (bugs) s
11 r (in) s
12 r (the) s
11 r (pro-) s
-36 782 p (gram) s
9 r (from) s
10 r (leaving) s
10 r (tell-tale) s
9 r (traces) s
11 r (behind.) s
t-bol.300 @sf
-36 908 p (2.2.2) s
40 r (Camou\015age) s
t-rom.300 @sf
-36 991 p (It) s
11 r (was) s
14 r (compiled) s
13 r (under) s
12 r (the) s
13 r (name) s
c-med.300 @sf
15 r (sh) s
t-rom.300 @sf
44 c
14 r (the) s
13 r (same) s
14 r (name) s
14 r (used) s
-36 1041 p (by) s
13 r (the) s
14 r (Bourne) s
14 r (Shell,) s
15 r 97 c
15 r (command) s
15 r (interpreter) s
14 r (which) s
14 r (is) s
14 r (of-) s
-36 1091 p (ten) s
10 r (used) s
12 r (in) s
11 r (shell) s
11 r (scripts) s
11 r (and) s
12 r (automatic) s
11 r (commands.) s
19 r (Even) s
12 r 97 c
-36 1140 p (dil) s
-1 r (igent) s
8 r (system) s
11 r (manager) s
11 r (would) s
9 r (probably) s
9 r (not) s
10 r (notice) s
9 r 97 c
11 r (lar) s
(ge) s
-36 1190 p (number) s
9 r (of) s
10 r (shells) s
10 r (running) s
8 r (for) s
10 r (short) s
9 r (periods) s
10 r (of) s
10 r (time.) s
4 1243 p (The) s
16 r (virus) s
14 r (forked,) s
16 r (splitti) s
-1 r (ng) s
13 r (into) s
14 r 97 c
15 r (parent) s
15 r (and) s
15 r (child,) s
15 r (ap-) s
-36 1293 p (proxi) s
-1 r (mately) s
13 r (every) s
14 r (three) s
15 r (minutes.) s
26 r (The) s
15 r (parent) s
15 r (would) s
13 r (then) s
-36 1342 p (exit,) s
18 r (leaving) s
18 r (the) s
18 r (child) s
17 r (to) s
18 r (continue) s
17 r (from) s
18 r (the) s
18 r (exact) s
19 r (same) s
-36 1392 p (place.) s
12 r (This) s
8 r (had) s
8 r (the) s
7 r (ef) s
(fect) s
8 r (of) s
7 r 96 c
-2 r (`refreshing') s
-3 r 39 c
5 r (the) s
8 r (process,) s
9 r (since) s
-36 1442 p (the) s
5 r (new) s
7 r (fork) s
7 r (started) s
6 r (of) s
102 c
6 r (with) s
6 r (no) s
6 r (resources) s
8 r (used,) s
8 r (such) s
7 r (as) s
8 r (CPU) s
-36 1492 p (time) s
12 r (or) s
13 r (memory) s
14 r (usage.) s
25 r (It) s
13 r (also) s
13 r (kept) s
13 r (each) s
15 r (run) s
13 r (of) s
13 r (the) s
13 r (virus) s
-36 1542 p (short,) s
8 r (making) s
9 r (the) s
9 r (virus) s
8 r 97 c
10 r (more) s
10 r (dif) s
174 c
(cult) s
7 r (to) s
9 r (seize,) s
11 r (even) s
10 r (when) s
-36 1591 p (it) s
9 r (had) s
9 r (been) s
11 r (noticed.) s
4 1644 p (All) s
14 r (the) s
15 r (constant) s
14 r (strings) s
14 r (used) s
15 r (by) s
15 r (the) s
15 r (program) s
14 r (were) s
16 r (ob-) s
-36 1694 p (scured) s
10 r (by) s
11 r (XOR'ing) s
11 r (each) s
12 r (character) s
13 r (with) s
10 r (the) s
12 r (constant) s
10 r (81) s
cmr7.300 @sf
892 1700 p (16) s
t-rom.300 @sf
927 1694 p 46 c
-36 1744 p (This) s
10 r (meant) s
12 r (that) s
10 r (one) s
12 r (could) s
11 r (not) s
10 r (simply) s
11 r (look) s
10 r (at) s
11 r (the) s
12 r (binary) s
10 r (to) s
-36 1794 p (determine) s
14 r (what) s
15 r (constants) s
15 r (the) s
15 r (virus) s
14 r (refered) s
16 r (to) s
14 r (\(e.g.) s
30 r (what) s
-36 1843 p 174 c
(les) s
13 r (it) s
13 r (opened\).) s
26 r (But) s
14 r (it) s
13 r (was) s
15 r 97 c
15 r (weak) s
15 r (method) s
13 r (of) s
14 r (hiding) s
13 r (the) s
-36 1893 p (strin) s
-1 r (gs;) s
13 r (it) s
14 r (delayed) s
14 r (ef) s
(forts) s
12 r (to) s
13 r (understand) s
13 r (the) s
14 r (virus,) s
14 r (but) s
13 r (not) s
-36 1943 p (for) s
8 r (very) s
10 r (long.) s
t-bol.360 @sf
-36 2077 p (2.3) s
49 r (Flaws) s
t-rom.300 @sf
-36 2160 p (The) s
7 r (virus) s
8 r (also) s
8 r (had) s
9 r 97 c
8 r (number) s
9 r (of) s
8 r 175 c
(aws,) s
9 r (ranging) s
8 r (from) s
8 r (the) s
8 r (sub-) s
-36 2210 p (tle) s
8 r (to) s
10 r (the) s
10 r (clumsy) s
-2 r 46 c
14 r (One) s
10 r (of) s
10 r (the) s
10 r (later) s
10 r (messages) s
13 r (from) s
10 r (Berkeley) s
-36 2259 p (posted) s
6 r 174 c
(xes) s
8 r (for) s
8 r (some) s
8 r (of) s
8 r (the) s
8 r (more) s
8 r (obvious) s
6 r (ones,) s
9 r (as) s
9 r 97 c
8 r (humor-) s
-36 2309 p (ous) s
9 r (gesture.) s
t-bol.300 @sf
-36 2435 p (2.3.1) s
40 r (Reinfection) s
16 r (pr) s
(evention) s
t-rom.300 @sf
-36 2518 p (The) s
10 r (code) s
11 r (for) s
11 r (preventing) s
9 r (reinfection) s
10 r (of) s
10 r (an) s
11 r (actively) s
11 r (infected) s
-36 2568 p (machine) s
13 r (harbored) s
14 r (some) s
15 r (major) s
14 r 175 c
(aws.) s
27 r (These) s
15 r 175 c
(aws) s
15 r (turned) s
-36 2617 p (out) s
11 r (to) s
12 r (be) s
13 r (critical) s
13 r (to) s
12 r (the) s
13 r (ultimate) s
12 r 96 c
-2 r (`failure') s
-3 r 39 c
11 r (of) s
13 r (the) s
13 r (virus,) s
13 r (as) s
-36 2667 p (reinfection) s
8 r (drove) s
10 r (up) s
9 r (the) s
10 r (load) s
10 r (of) s
10 r (many) s
11 r (machines,) s
11 r (causing) s
10 r (it) s
-36 2717 p (to) s
8 r (be) s
11 r (noticed) s
9 r (and) s
11 r (thus) s
9 r (counterattacked.) s
1054 96 p (The) s
17 r (code) s
17 r (had) s
16 r (several) s
17 r (timing) s
15 r 175 c
(aws) s
17 r (which) s
15 r (made) s
18 r (it) s
15 r (un-) s
1012 146 p (likely) s
10 r (to) s
10 r (work.) s
16 r (While) s
10 r (written) s
10 r (in) s
10 r 97 c
12 r 96 c
-2 r (`paranoid') s
-4 r 39 c
9 r (manner) s
-1 r 44 c
12 r (us-) s
1012 196 p (ing) s
9 r (weak) s
9 r (authentication) s
7 r (\(exchanging) s
9 r 96 c
-2 r (`magic') s
-3 r 39 c
7 r (numbers\)) s
9 r (to) s
1012 246 p (determine) s
9 r (whether) s
8 r (the) s
7 r (other) s
8 r (end) s
8 r (of) s
8 r (the) s
8 r (connection) s
7 r (is) s
8 r (indeed) s
1012 295 p 97 c
11 r (copy) s
9 r (of) s
9 r (the) s
10 r (virus,) s
9 r (these) s
10 r (routines) s
8 r (would) s
9 r (often) s
9 r (exit) s
9 r (with) s
8 r (er-) s
1012 345 p (rors) s
10 r (\(and) s
11 r (thus) s
t-ita.300 @sf
9 r (not) s
t-rom.300 @sf
10 r (attempt) s
9 r (to) s
10 r (quit\)) s
9 r (if:) s
cmsy10.300 @sf
1054 406 p 15 c
t-rom.300 @sf
20 r (several) s
17 r (viruses) s
15 r (infected) s
15 r 97 c
16 r (clean) s
16 r (machine) s
16 r (at) s
16 r (once,) s
17 r (in) s
1095 456 p (which) s
11 r (case) s
13 r (all) s
11 r (of) s
11 r (them) s
12 r (would) s
10 r (look) s
10 r (for) s
11 r (listeners;) s
11 r (none) s
1095 506 p (of) s
16 r (them) s
16 r (would) s
15 r 174 c
(nd) s
16 r (any;) s
18 r (all) s
15 r (of) s
16 r (them) s
16 r (would) s
15 r (attempt) s
1095 556 p (to) s
16 r (become) s
18 r (listeners;) s
18 r (one) s
17 r (would) s
15 r (succeed;) s
21 r (the) s
16 r (others) s
1095 605 p (would) s
9 r (fail,) s
10 r (give) s
10 r (up,) s
10 r (and) s
10 r (thus) s
10 r (be) s
10 r (invulnerable) s
9 r (to) s
9 r (future) s
1095 655 p (checking) s
11 r (attempts.) s
cmsy10.300 @sf
1054 705 p 15 c
t-rom.300 @sf
20 r (several) s
16 r (viruses) s
14 r (starting) s
13 r (at) s
14 r (once,) s
17 r (in) s
14 r (the) s
14 r (presence) s
16 r (of) s
14 r 97 c
1095 755 p (running) s
14 r (virus.) s
28 r (If) s
15 r (the) s
16 r 174 c
(rst) s
15 r (one) s
15 r 96 c
-2 r (`wins) s
13 r (the) s
15 r (coin) s
15 r (toss') s
-2 r 39 c
1095 805 p (with) s
13 r (the) s
14 r (listening) s
11 r (virus,) s
15 r (other) s
13 r (new-starting) s
12 r (ones) s
14 r (will) s
1095 854 p (have) s
10 r (contacted) s
9 r (the) s
8 r (losing) s
8 r (one) s
9 r (and) s
8 r (have) s
10 r (the) s
8 r (connection) s
1095 904 p (closed) s
11 r (upon) s
9 r (them,) s
11 r (permitting) s
8 r (them) s
11 r (to) s
10 r (continue.) s
cmsy10.300 @sf
1054 954 p 15 c
t-rom.300 @sf
20 r 97 c
8 r (machine) s
7 r (is) s
7 r (slow) s
6 r (or) s
7 r (heavily) s
6 r (loaded,) s
8 r (which) s
6 r (could) s
6 r (cause) s
1095 1004 p (the) s
15 r (virus) s
13 r (to) s
14 r (exceed) s
16 r (the) s
14 r (timeouts) s
14 r (imposed) s
14 r (on) s
14 r (the) s
14 r (ex-) s
1095 1054 p (change) s
9 r (of) s
7 r (numbers,) s
9 r (especially) s
8 r (if) s
7 r (the) s
8 r (compiler) s
7 r (was) s
8 r (run-) s
1095 1103 p (ning) s
10 r (\(possibly) s
9 r (multiple) s
9 r (times\)) s
10 r (due) s
11 r (to) s
10 r 97 c
11 r (new) s
10 r (infection;) s
1095 1153 p (note) s
9 r (that) s
8 r (this) s
7 r (is) s
9 r (exacerbated) s
9 r (by) s
9 r 97 c
9 r (busy) s
8 r (machine) s
9 r (\(which) s
1095 1203 p (slows) s
10 r (down) s
10 r (further\)) s
9 r (on) s
10 r 97 c
11 r (moderately) s
10 r (sized) s
11 r (network.) s
1012 1264 p (Note) s
8 r (that) s
7 r 96 c
-2 r (`at) s
6 r (once') s
-2 r 39 c
7 r (means) s
9 r 96 c
-2 r (`wit) s
-1 r (hin) s
5 r 97 c
8 r (5-20) s
7 r (second) s
8 r (window') s
-2 r 39 c
1012 1314 p (in) s
10 r (most) s
10 r (cases,) s
13 r (and) s
10 r (is) s
10 r (sometimes) s
11 r (looser) s
-1 r 46 c
1054 1365 p 65 c
11 r (critical) s
10 r (weakness) s
12 r (in) s
11 r (the) s
10 r (interlocking) s
9 r (code) s
11 r (is) s
11 r (that) s
10 r (even) s
1012 1415 p (when) s
15 r (it) s
t-ita.300 @sf
13 r (does) s
t-rom.300 @sf
14 r (decide) s
15 r (to) s
13 r (quit,) s
14 r (all) s
14 r (it) s
13 r (does) s
15 r (is) s
14 r (set) s
14 r (the) s
14 r (variable) s
c-med.300 @sf
1012 1465 p (pleasequit) s
t-rom.300 @sf
46 c
15 r (This) s
11 r (variable) s
11 r (does) s
10 r (not) s
10 r (have) s
12 r (an) s
11 r (ef) s
(fect) s
10 r (until) s
1012 1514 p (the) s
11 r (virus) s
9 r (has) s
11 r (gone) s
10 r (through) s
cmsy10.300 @sf
1054 1566 p 15 c
t-rom.300 @sf
20 r (collecting) s
10 r (the) s
10 r (entire) s
10 r (list) s
9 r (of) s
10 r (host) s
9 r (names) s
12 r (to) s
9 r (attack) s
cmsy10.300 @sf
1054 1616 p 15 c
t-rom.300 @sf
20 r (collecting) s
10 r (the) s
10 r (entire) s
10 r (list) s
9 r (of) s
10 r (user) s
10 r (names) s
12 r (to) s
9 r (attack) s
cmsy10.300 @sf
1054 1665 p 15 c
t-rom.300 @sf
20 r (trying) s
7 r (to) s
8 r (attack) s
9 r (all) s
8 r (of) s
8 r (the) s
8 r 96 c
-2 r (`obvi) s
-1 r (ous') s
-3 r 39 c
6 r (permutation) s
7 r (pass-) s
1095 1715 p (words) s
10 r (\(see) s
12 r (Section) s
9 r (A.4.3\)) s
cmsy10.300 @sf
1054 1765 p 15 c
t-rom.300 @sf
20 r (trying) s
15 r (ten) s
16 r (words) s
15 r (selected) s
17 r (at) s
16 r (random) s
16 r (from) s
16 r (the) s
16 r (inter-) s
1095 1815 p (nal) s
10 r (dictionary) s
8 r (\(see) s
10 r (Appendix) s
9 r (B\)) s
9 r (against) s
9 r (all) s
10 r (of) s
9 r (the) s
9 r (user) s
1095 1865 p (names) s
1054 1916 p (Since) s
13 r (the) s
13 r (virus) s
12 r (was) s
13 r (careful) s
13 r (to) s
12 r (clean) s
14 r (up) s
12 r (temporary) s
13 r 174 c
(les,) s
1012 1966 p (its) s
10 r (presence) s
12 r (alone) s
10 r (didn') s
116 c
8 r (interfere) s
10 r (with) s
9 r (reinfection.) s
1054 2017 p (Also,) s
8 r 97 c
9 r (multiply) s
6 r (infected) s
8 r (machine) s
8 r (would) s
7 r (spread) s
9 r (the) s
7 r (virus) s
1012 2067 p (faster) s
-1 r 44 c
10 r (perhaps) s
10 r (proporti) s
-1 r (onall) s
-1 r 121 c
8 r (to) s
9 r (the) s
9 r (number) s
9 r (of) s
9 r (infections) s
8 r (it) s
1012 2116 p (was) s
11 r (harboring,) s
10 r (since) s
cmsy10.300 @sf
1054 2168 p 15 c
t-rom.300 @sf
20 r (the) s
15 r (program) s
13 r (scrambles) s
16 r (the) s
14 r (lists) s
13 r (of) s
14 r (hosts) s
14 r (and) s
14 r (users) s
14 r (it) s
1095 2217 p (attacks;) s
12 r (since) s
11 r (the) s
11 r (random) s
11 r (number) s
11 r (generator) s
11 r (is) s
11 r (seeded) s
1095 2267 p (with) s
9 r (the) s
10 r (current) s
10 r (time,) s
11 r (the) s
9 r (separate) s
12 r (instances) s
10 r (are) s
11 r (likely) s
1095 2317 p (to) s
10 r (hit) s
9 r (separate) s
12 r (tar) s
(gets.) s
cmsy10.300 @sf
1054 2367 p 15 c
t-rom.300 @sf
20 r (the) s
19 r (program) s
18 r (tries) s
18 r (to) s
18 r (spend) s
18 r 97 c
19 r (lar) s
(ge) s
18 r (amount) s
18 r (of) s
18 r (time) s
1095 2417 p (sleeping) s
21 r (and) s
22 r (listening) s
19 r (for) s
21 r (other) s
21 r (infection) s
20 r (attempts) s
1095 2467 p (\(which) s
11 r (never) s
11 r (report) s
11 r (themselves\)) s
11 r (so) s
11 r (that) s
11 r (the) s
10 r (processes) s
1095 2516 p (would) s
10 r (share) s
11 r (the) s
10 r (resources) s
11 r (of) s
10 r (the) s
10 r (machine) s
11 r (fairly) s
9 r (well.) s
1054 2568 p (Thus,) s
8 r (the) s
8 r (virus) s
6 r (spread) s
8 r (much) s
8 r (more) s
7 r (quickly) s
6 r (than) s
7 r (the) s
7 r (perpe-) s
1012 2617 p (trator) s
11 r (expected,) s
13 r (and) s
12 r (was) s
12 r (noticed) s
11 r (for) s
12 r (that) s
11 r (very) s
11 r (reason.) s
19 r (The) s
1012 2667 p (MIT) s
14 r (Media) s
14 r (Lab,) s
16 r (for) s
13 r (example,) s
16 r (cut) s
14 r (themselves) s
14 r (completely) s
1012 2717 p (of) s
102 c
13 r (from) s
14 r (the) s
13 r (network) s
13 r (because) s
15 r (the) s
14 r (computer) s
14 r (resources) s
14 r (ab-) s
965 2842 p 53 c
@eop
6 @bop0
cmr7.300 @sf
[<1F007F80E1C0F0E0F0F070F000F000F060E071E07FC06F006000600060007F007FC07FE06060> 12 19 -2 0 17] 53 @dc
cmr6.300 @sf
[<3F007F80E1C0E0E040E000E060E070C07F806F00600060007E007F007F806080> 11 16 -1 0 15] 53 @dc
6 @bop1
t-rom.300 @sf
-36 96 p (sorbed) s
9 r (by) s
9 r (the) s
10 r (virus) s
10 r (were) s
11 r (detracting) s
9 r (from) s
10 r (work) s
10 r (in) s
9 r (progress,) s
-36 146 p (whil) s
-1 r 101 c
9 r (the) s
10 r (lack) s
11 r (of) s
10 r (network) s
9 r (service) s
11 r (was) s
11 r 97 c
11 r (minor) s
9 r (problem.) s
t-bol.300 @sf
-36 256 p (2.3.2) s
40 r (Heuristics) s
t-rom.300 @sf
-36 333 p (One) s
12 r (attempt) s
12 r (to) s
12 r (make) s
14 r (the) s
12 r (program) s
13 r (not) s
12 r (waste) s
13 r (time) s
13 r (on) s
12 r (non-) s
-36 383 p (UNIX) s
8 r (systems) s
11 r (was) s
10 r (to) s
10 r (sometimes) s
10 r (try) s
9 r (to) s
10 r (open) s
9 r 97 c
11 r (telnet) s
9 r (or) s
10 r (rsh) s
-36 433 p (connection) s
9 r (to) s
10 r 97 c
11 r (host) s
11 r (before) s
11 r (trying) s
9 r (to) s
10 r (attack) s
11 r (it) s
11 r (and) s
10 r (skipping) s
-36 483 p (that) s
13 r (host) s
14 r (if) s
14 r (it) s
13 r (refused) s
15 r (the) s
15 r (connection.) s
26 r (If) s
15 r (the) s
14 r (host) s
14 r (refused) s
-36 533 p (telnet) s
5 r (or) s
7 r (rsh) s
7 r (connections,) s
7 r (it) s
6 r (was) s
8 r (likely) s
6 r (to) s
6 r (refuse) s
8 r (other) s
6 r (attacks) s
-36 582 p (as) s
9 r (well.) s
14 r (There) s
11 r (were) s
11 r (several) s
11 r (problems) s
10 r (with) s
9 r (this) s
10 r (heuristic:) s
cmsy10.300 @sf
4 632 p 15 c
t-rom.300 @sf
21 r 65 c
12 r (number) s
13 r (of) s
12 r (machines) s
13 r (exist) s
12 r (which) s
12 r (provide) s
12 r (mail) s
12 r (ser-) s
46 682 p (vice) s
9 r (\(for) s
8 r (example\)) s
10 r (but) s
8 r (that) s
9 r (do) s
8 r (not) s
9 r (provide) s
8 r (telnet) s
8 r (or) s
9 r (rsh) s
46 732 p (service,) s
19 r (and) s
16 r (although) s
15 r (vulnerable,) s
18 r (would) s
16 r (be) s
17 r (ignored) s
46 782 p (under) s
12 r (this) s
13 r (attack.) s
23 r (The) s
14 r (MIT) s
14 r (Project) s
13 r (Athena) s
13 r (mailhub,) s
t-ita.300 @sf
46 832 p (athena.mit.edu) s
t-rom.300 @sf
44 c
9 r (is) s
10 r (but) s
10 r (one) s
10 r (example.) s
cmsy10.300 @sf
4 881 p 15 c
t-rom.300 @sf
21 r (The) s
19 r (telnet) s
18 r 96 c
-2 r (`probin) s
-1 r (g') s
-3 r 39 c
17 r (code) s
19 r (immediately) s
19 r (closed) s
19 r (the) s
46 931 p (connection) s
17 r (upon) s
17 r 174 c
(nding) s
16 r (that) s
17 r (it) s
17 r (had) s
18 r (opened) s
18 r (it.) s
36 r (By) s
46 981 p (the) s
12 r (time) s
13 r (the) s
13 r 96 c
-2 r (`inet) s
11 r (daemon') s
-2 r (',) s
13 r (the) s
12 r 96 c
-2 r (`switchin) s
-1 r 103 c
11 r (station') s
-2 r 39 c
46 1031 p (which) s
9 r (handles) s
10 r (most) s
10 r (incoming) s
9 r (network) s
9 r (services,) s
11 r (iden-) s
46 1081 p (ti) s
174 c
(ed) s
11 r (the) s
12 r (connection) s
12 r (and) s
12 r (started) s
12 r 97 c
13 r (telnet) s
12 r (daemon,) s
14 r (the) s
46 1130 p (connection) s
8 r (was) s
10 r (already) s
9 r (closed,) s
10 r (causing) s
9 r (the) s
9 r (telnet) s
9 r (dae-) s
46 1180 p (mon) s
9 r (to) s
9 r (indicate) s
9 r (an) s
10 r (error) s
9 r (condition) s
8 r (of) s
9 r (high) s
9 r (enough) s
9 r (pri-) s
46 1230 p (ority) s
12 r (to) s
14 r (be) s
15 r (logged) s
13 r (on) s
14 r (most) s
14 r (systems.) s
27 r (Thus) s
14 r (the) s
15 r (times) s
46 1280 p (of) s
10 r (the) s
12 r (earliest) s
11 r (attacks) s
11 r (were) s
12 r (noted,) s
12 r (if) s
10 r (not) s
11 r (the) s
11 r (machines) s
46 1330 p (they) s
9 r (came) s
12 r (from.) s
t-bol.300 @sf
-36 1439 p (2.3.3) s
40 r 86 c
-3 r (ulnerabilities) s
14 r (not) s
16 r (used) s
t-rom.300 @sf
-36 1517 p (The) s
6 r (virus) s
7 r (did) s
6 r (not) s
6 r (exploit) s
6 r 97 c
7 r (number) s
7 r (of) s
7 r (obvious) s
6 r (opportuni) s
-1 r (ties.) s
cmsy10.300 @sf
4 1567 p 15 c
t-rom.300 @sf
21 r (When) s
9 r (looking) s
8 r (for) s
8 r (lists) s
9 r (of) s
9 r (hosts) s
9 r (to) s
9 r (attack,) s
10 r (it) s
8 r (could) s
9 r (have) s
46 1617 p (done) s
9 r 96 c
-2 r (`zone) s
8 r (transfers') s
-2 r 39 c
8 r (from) s
9 r (the) s
9 r (Internet) s
9 r (domain) s
9 r (name) s
46 1667 p (servers) s
16 r (to) s
15 r 174 c
(nd) s
16 r (names) s
17 r (of) s
15 r (valid) s
15 r (hosts) s
15 r 91 c
(18) s
(].) s
30 r (Many) s
16 r (of) s
46 1716 p (these) s
18 r (records) s
19 r (also) s
19 r (include) s
17 r (host) s
18 r (type,) s
21 r (so) s
18 r (the) s
18 r (search) s
46 1766 p (could) s
12 r (have) s
13 r (limited) s
11 r (itself) s
12 r (to) s
12 r (the) s
13 r (appropriate) s
11 r (processor) s
46 1816 p (and) s
10 r (operating) s
9 r (system) s
11 r (types.) s
cmsy10.300 @sf
4 1866 p 15 c
t-rom.300 @sf
21 r (It) s
13 r (did) s
14 r (not) s
13 r (attack) s
14 r (both) s
13 r (machine) s
15 r (types) s
14 r (consistently) s
-2 r 46 c
24 r (If) s
46 1916 p (the) s
10 r 86 c
-4 r (AX) s
8 r 174 c
(nger) s
11 r (attack) s
10 r (failed,) s
10 r (it) s
10 r (could) s
9 r (have) s
11 r (tried) s
9 r 97 c
11 r (Sun) s
46 1965 p (attack,) s
10 r (but) s
10 r (that) s
9 r (hadn') s
116 c
9 r (been) s
11 r (implemented.) s
cmsy10.300 @sf
4 2015 p 15 c
t-rom.300 @sf
21 r (It) s
10 r (did) s
10 r (not) s
10 r (try) s
10 r (to) s
11 r 174 c
(nd) s
10 r (privileged) s
10 r (users) s
11 r (on) s
11 r (the) s
11 r (local) s
10 r (host) s
46 2065 p (\(such) s
10 r (as) s
c-med.300 @sf
11 r (root) s
t-rom.300 @sf
(\).) s
t-bol.360 @sf
-36 2183 p (2.4) s
49 r (Defenses) s
t-rom.300 @sf
-36 2261 p (There) s
9 r (were) s
10 r (many) s
9 r (attempts) s
9 r (to) s
9 r (stop) s
8 r (the) s
10 r (virus.) s
12 r (They) s
10 r (varied) s
9 r (in) s
-36 2311 p (inconv) s
-1 r (enience) s
12 r (to) s
13 r (the) s
13 r (end) s
13 r (users) s
13 r (of) s
13 r (the) s
12 r (vulnerable) s
13 r (systems,) s
-36 2361 p (in) s
10 r (the) s
13 r (amount) s
12 r (of) s
12 r (skill) s
12 r (required) s
12 r (to) s
12 r (implement) s
12 r (them,) s
14 r (and) s
12 r (in) s
-36 2410 p (their) s
8 r (ef) s
(fectiveness.) s
cmsy10.300 @sf
4 2468 p 15 c
t-rom.300 @sf
21 r (Full) s
13 r (isolation) s
12 r (from) s
14 r (network) s
13 r (was) s
14 r (frequently) s
13 r (inconve-) s
46 2518 p (nient,) s
8 r (but) s
9 r (was) s
9 r (very) s
9 r (ef) s
(fective) s
9 r (in) s
9 r (stopping) s
7 r (the) s
9 r (virus,) s
9 r (and) s
46 2568 p (was) s
10 r (simple) s
11 r (to) s
9 r (implement.) s
cmsy10.300 @sf
4 2617 p 15 c
t-rom.300 @sf
21 r 84 c
(urni) s
-1 r (ng) s
9 r (of) s
102 c
10 r (mail) s
11 r (service) s
12 r (was) s
11 r (inconvenient) s
10 r (both) s
10 r (to) s
10 r (lo-) s
46 2667 p (cal) s
12 r (users) s
13 r (and) s
13 r (to) s
12 r 96 c
-2 r (`downst) s
-1 r (ream') s
-2 r 39 c
10 r (sites,) s
14 r (was) s
13 r (inef) s
(fective) s
46 2717 p (at) s
10 r (stopping) s
8 r (the) s
10 r (virus,) s
10 r (but) s
10 r (was) s
10 r (simple) s
11 r (to) s
9 r (implement.) s
cmsy10.300 @sf
1054 96 p 15 c
t-rom.300 @sf
20 r (Patching) s
8 r (out) s
8 r (the) s
c-med.300 @sf
8 r (debug) s
t-rom.300 @sf
8 r (command) s
9 r (in) s
c-med.300 @sf
7 r (sendmail) s
t-rom.300 @sf
8 r (was) s
1095 146 p (only) s
11 r (ef) s
(fective) s
11 r (in) s
10 r (conjunction) s
10 r (with) s
10 r (other) s
11 r 174 c
(xes,) s
12 r (did) s
10 r (not) s
1095 196 p (interfere) s
7 r (with) s
6 r (normal) s
7 r (users,) s
9 r (and) s
7 r (simple) s
7 r (instructions) s
5 r (for) s
1095 246 p (implementing) s
10 r (the) s
10 r (change) s
11 r (were) s
11 r (available.) s
cmsy10.300 @sf
1054 295 p 15 c
t-rom.300 @sf
20 r (Shutting) s
13 r (down) s
14 r (the) s
15 r 174 c
(nger) s
15 r (daemon) s
15 r (was) s
15 r (also) s
15 r (ef) s
(fective) s
1095 345 p (only) s
11 r (if) s
12 r (the) s
11 r (other) s
12 r (holes) s
11 r (were) s
13 r (plugged) s
11 r (as) s
13 r (well,) s
12 r (was) s
12 r (an-) s
1095 395 p (noying) s
11 r (to) s
12 r (users) s
13 r (if) s
11 r (not) s
12 r (actually) s
12 r (inconvenient,) s
12 r (and) s
12 r (was) s
1095 445 p (simple) s
11 r (to) s
9 r (perform.) s
cmsy10.300 @sf
1054 495 p 15 c
t-rom.300 @sf
20 r (Fixing) s
15 r (the) s
16 r 174 c
(nger) s
17 r (daemon) s
16 r (required) s
16 r (source) s
17 r (code,) s
18 r (but) s
1095 544 p (was) s
15 r (as) s
14 r (ef) s
(fective) s
14 r (as) s
14 r (shutting) s
12 r (it) s
13 r (down,) s
14 r (without) s
12 r (annoy-) s
1095 594 p (ing) s
10 r (the) s
10 r (users) s
11 r (at) s
10 r (all.) s
cmsy10.300 @sf
1054 644 p 15 c
c-med.300 @sf
20 r (mkdir) s
25 r (/usr/tmp/sh) s
t-rom.300 @sf
6 r (was) s
8 r (convenient,) s
8 r (simple,) s
8 r (and) s
1095 694 p (ef) s
(fective) s
18 r (in) s
17 r (preventing) s
16 r (the) s
17 r (virus) s
17 r (from) s
18 r (propagating) s
cmr7.300 @sf
1971 680 p 53 c
t-rom.300 @sf
1095 744 p (\(See) s
12 r (Section) s
10 r (A.8.2.\)) s
cmsy10.300 @sf
1054 793 p 15 c
t-rom.300 @sf
20 r (De) s
174 c
(ning) s
c-med.300 @sf
16 r (pleasequit) s
t-rom.300 @sf
16 r (in) s
15 r (the) s
17 r (system) s
16 r (libraries) s
16 r (was) s
1095 843 p (convenient,) s
10 r (simple,) s
9 r (and) s
10 r (did) s
8 r (almost) s
9 r (nothing) s
7 r (to) s
9 r (stop) s
9 r (the) s
1095 893 p (virus) s
10 r (\(See) s
11 r (Section) s
10 r (A.3.2.\)) s
cmsy10.300 @sf
1054 943 p 15 c
t-rom.300 @sf
20 r (Renaming) s
14 r (the) s
14 r (UNIX) s
13 r 67 c
14 r (compiler) s
13 r (and) s
14 r (linker) s
13 r 40 c
c-med.300 @sf
(cc) s
t-rom.300 @sf
14 r (and) s
c-med.300 @sf
1095 993 p (ld) s
t-rom.300 @sf
41 c
12 r (was) s
12 r (drastic,) s
12 r (and) s
12 r (somewhat) s
12 r (inconvenient) s
10 r (to) s
11 r (users) s
1095 1043 p (\(though) s
16 r (much) s
18 r (less) s
18 r (so) s
17 r (than) s
17 r (cutting) s
16 r (of) s
102 c
16 r (the) s
17 r (network,) s
1095 1092 p (since) s
13 r (dif) s
(ferent) s
10 r (names) s
13 r (were) s
13 r (available\)) s
12 r (but) s
11 r (ef) s
(fective) s
11 r (in) s
1095 1142 p (stopping) s
9 r (the) s
10 r (virus.) s
cmsy10.300 @sf
1054 1192 p 15 c
t-rom.300 @sf
20 r (Requiring) s
11 r (new) s
13 r (passwords) s
12 r (for) s
12 r (all) s
12 r (users) s
13 r (\(or) s
12 r (at) s
12 r (least) s
13 r (all) s
1095 1242 p (users) s
9 r (who) s
8 r (had) s
9 r (passwords) s
9 r (which) s
8 r (the) s
8 r (virus) s
8 r (could) s
7 r (guess\)) s
1095 1292 p (was) s
16 r (dif) s
174 c
(cult) s
-1 r 44 c
14 r (but) s
14 r (it) s
14 r (only) s
13 r (inconvenienced) s
14 r (those) s
14 r (users) s
1095 1341 p (with) s
9 r (weak) s
11 r (passwords) s
10 r (to) s
9 r (begin) s
9 r (with,) s
10 r (and) s
9 r (was) s
11 r (ef) s
(fective) s
1095 1391 p (in) s
10 r (conjunction) s
9 r (with) s
9 r (the) s
11 r (other) s
10 r 174 c
(xes) s
11 r (\(See) s
11 r (Section) s
10 r (A.4.3) s
1095 1441 p (and) s
11 r (Appendix) s
9 r (B.\)) s
1054 1500 p (After) s
9 r (the) s
8 r (virus) s
8 r (was) s
10 r (analyzed,) s
10 r 97 c
10 r (tool) s
7 r (which) s
9 r (duplicated) s
8 r (the) s
1012 1550 p (password) s
16 r (attack) s
15 r (\(including) s
13 r (the) s
15 r (virus') s
14 r (internal) s
14 r (dictionary\)) s
1012 1600 p (was) s
8 r (posted) s
7 r (to) s
6 r (the) s
7 r (network.) s
12 r (This) s
7 r (tool) s
6 r (allowed) s
6 r (system) s
8 r (admin-) s
1012 1649 p (istrators) s
13 r (to) s
14 r (analyze) s
15 r (the) s
14 r (passwords) s
14 r (in) s
13 r (use) s
15 r (on) s
13 r (their) s
14 r (system.) s
1012 1699 p (The) s
14 r (spread) s
14 r (of) s
13 r (this) s
13 r (virus) s
12 r (should) s
12 r (be) s
14 r (ef) s
(fective) s
13 r (in) s
12 r (raising) s
13 r (the) s
1012 1749 p (awareness) s
15 r (of) s
12 r (users) s
13 r (\(and) s
13 r (administrators\)) s
11 r (to) s
12 r (the) s
13 r (importance) s
1012 1799 p (of) s
15 r (choosing) s
14 r 96 c
-2 r (`dif) s
-1 r 174 c
(cult) s
-1 r 39 c
-3 r 39 c
13 r (passwords.) s
28 r (Lawrence) s
17 r (Livermore) s
1012 1849 p (National) s
7 r (Laboratories) s
7 r (went) s
7 r (as) s
8 r (far) s
8 r (as) s
8 r (requiring) s
6 r (all) s
7 r (passwords) s
1012 1898 p (be) s
8 r (changed,) s
9 r (and) s
8 r (modifying) s
5 r (the) s
8 r (password) s
7 r (changing) s
7 r (program) s
1012 1948 p (to) s
8 r (test) s
9 r (new) s
9 r (passwords) s
8 r (against) s
9 r (the) s
8 r (lists) s
8 r (that) s
8 r (include) s
8 r (the) s
8 r (pass-) s
1012 1998 p (words) s
10 r (attacked) s
11 r (by) s
10 r (the) s
10 r (virus) s
9 r 91 c
54 c
(].) s
t-bol.420 @sf
1012 2140 p 51 c
59 r (Lessons) s
21 r (and) s
23 r (Open) s
23 r (Issues) s
t-rom.300 @sf
1012 2233 p (The) s
14 r (virus) s
12 r (incident) s
12 r (taught) s
12 r (many) s
13 r (important) s
12 r (lessons.) s
22 r (It) s
13 r (also) s
1012 2283 p (brought) s
8 r (up) s
9 r (many) s
9 r (more) s
10 r (dif) s
174 c
(cult) s
7 r (issues) s
9 r (which) s
9 r (need) s
9 r (to) s
9 r (be) s
9 r (ad-) s
1012 2333 p (dressed) s
11 r (in) s
10 r (the) s
10 r (future) s
10 r 58 c
cmsy10.300 @sf
1054 2426 p 15 c
t-rom.300 @sf
20 r (Least) s
16 r (Privilege.) s
27 r (This) s
14 r (basic) s
15 r (security) s
15 r (principle) s
13 r (is) s
15 r (fre-) s
1095 2476 p (quently) s
9 r (ignored) s
10 r (and) s
10 r (this) s
9 r (can) s
11 r (result) s
10 r (in) s
10 r (disaster) s
-1 r 46 c
cmsy10.300 @sf
1054 2560 p 15 c
t-rom.300 @sf
20 r 96 c
-2 r (`W) s
-2 r 101 c
10 r (have) s
13 r (met) s
12 r (the) s
12 r (enemy) s
13 r (and) s
12 r (he) s
12 r (is) s
12 r (us.') s
-2 r 39 c
18 r (The) s
13 r (alleged) s
1095 2610 p (author) s
9 r (of) s
9 r (the) s
9 r (virus) s
9 r (has) s
9 r (made) s
11 r (contributi) s
-1 r (ons) s
7 r (to) s
9 r (the) s
9 r (com-) s
1012 2639 p 390 2 ru
cmr6.300 @sf
1055 2667 p 53 c
t-rom.240 @sf
1072 2678 p (However) s
44 c
9 r (both) s
10 r (sets) s
10 r (of) s
11 r (binaries) s
10 r (were) s
10 r (still) s
11 r (compiled,) s
11 r (consuming) s
8 r (pro-) s
1012 2717 p (cessor) s
8 r (time) s
8 r (on) s
8 r (an) s
7 r (attacked) s
7 r (machine.) s
t-rom.300 @sf
965 2842 p 54 c
@eop
7 @bop0
7 @bop1
t-rom.300 @sf
46 96 p (puter) s
13 r (security) s
14 r 174 c
(eld) s
15 r (and) s
14 r (was) s
15 r (by) s
14 r (any) s
15 r (de) s
174 c
(nition) s
13 r (an) s
14 r (in-) s
46 146 p (sider;) s
11 r (the) s
11 r (attack) s
12 r (did) s
11 r (not) s
11 r (come) s
12 r (from) s
12 r (an) s
12 r (outside) s
10 r (source) s
46 196 p (who) s
8 r (obtained) s
7 r (sensitive) s
8 r (information,) s
7 r (and) s
9 r (restricting) s
6 r (in-) s
46 246 p (formation) s
9 r (such) s
11 r (as) s
11 r (source) s
11 r (code) s
11 r (would) s
9 r (not) s
10 r (have) s
11 r (helped) s
46 295 p (prevent) s
9 r (this) s
10 r (incident.) s
cmsy10.300 @sf
4 381 p 15 c
t-rom.300 @sf
21 r (Diversity) s
15 r (is) s
16 r (good.) s
33 r (Though) s
16 r (the) s
16 r (virus) s
16 r (picked) s
16 r (on) s
17 r (the) s
46 431 p (most) s
12 r (widespread) s
13 r (operating) s
11 r (system) s
14 r (used) s
12 r (on) s
13 r (the) s
12 r (Inter-) s
46 481 p (net) s
10 r (and) s
11 r (on) s
11 r (the) s
11 r (two) s
10 r (most) s
11 r (popular) s
10 r (machine) s
11 r (types,) s
12 r (most) s
46 531 p (of) s
10 r (the) s
10 r (machines) s
11 r (on) s
11 r (the) s
10 r (network) s
9 r (were) s
12 r (never) s
11 r (in) s
9 r (danger) s
-1 r 46 c
46 580 p 65 c
10 r (wider) s
10 r (variety) s
9 r (of) s
10 r (implementations) s
9 r (is) s
10 r (probably) s
9 r (good,) s
46 630 p (not) s
10 r (bad.) s
17 r (There) s
12 r (is) s
11 r 97 c
12 r (direct) s
10 r (analogy) s
11 r (with) s
10 r (biological) s
9 r (ge-) s
46 680 p (netic) s
10 r (diversity) s
8 r (to) s
10 r (be) s
10 r (made.) s
cmsy10.300 @sf
4 766 p 15 c
t-rom.300 @sf
21 r 96 c
-2 r (`The) s
21 r (cure) s
24 r (shouldn') s
-1 r 116 c
21 r (be) s
23 r (worse) s
23 r (than) s
22 r (the) s
23 r (disease.') s
-2 r 39 c
46 816 p (Chuck) s
7 r (Cole) s
8 r (made) s
9 r (this) s
7 r (point) s
7 r (and) s
8 r (Clif) s
102 c
6 r (Stoll) s
7 r (also) s
8 r (ar) s
(gued) s
46 866 p (that) s
10 r (it) s
9 r (may) s
12 r (be) s
10 r (more) s
11 r (expensive) s
11 r (to) s
10 r (prevent) s
10 r (such) s
11 r (attacks) s
46 915 p (than) s
10 r (it) s
10 r (is) s
10 r (to) s
10 r (clean) s
11 r (up) s
11 r (after) s
10 r (them.) s
16 r (Backups) s
10 r (are) s
12 r (good.) s
14 r (It) s
46 965 p (may) s
11 r (be) s
11 r (cheaper) s
12 r (to) s
10 r (restore) s
11 r (from) s
10 r (backups) s
11 r (than) s
10 r (to) s
10 r (try) s
10 r (to) s
46 1015 p 174 c
(gure) s
10 r (out) s
9 r (what) s
10 r (damage) s
12 r (an) s
10 r (attacker) s
11 r (has) s
11 r (done[) s
54 c
-1 r (].) s
cmsy10.300 @sf
4 1101 p 15 c
t-rom.300 @sf
21 r (Defenses) s
t-ita.300 @sf
16 r (must) s
t-rom.300 @sf
15 r (be) s
16 r (at) s
16 r (the) s
15 r (host) s
15 r (level,) s
17 r (not) s
14 r (the) s
15 r (network) s
46 1151 p (level.) s
35 r (Mike) s
17 r (Muuss) s
17 r (and) s
18 r (Clif) s
102 c
15 r (Stoll) s
16 r (have) s
18 r (made) s
18 r (this) s
46 1200 p (point) s
10 r (quite) s
10 r (eloquently[) s
54 c
-2 r (].) s
18 r (The) s
13 r (network) s
11 r (performed) s
11 r (its) s
46 1250 p (function) s
7 r (perfectly) s
8 r (and) s
9 r (should) s
7 r (not) s
8 r (be) s
9 r (faulted;) s
8 r (the) s
9 r (tragic) s
46 1300 p 175 c
(aws) s
11 r (were) s
12 r (in) s
10 r (several) s
11 r (application) s
10 r (programs.) s
15 r (Attempts) s
46 1350 p (to) s
8 r 174 c
120 c
9 r (the) s
9 r (network) s
9 r (are) s
10 r (misguided.) s
13 r (An) s
9 r (analogy) s
9 r (with) s
8 r (the) s
46 1400 p (highway) s
11 r (system) s
13 r (can) s
14 r (be) s
13 r (made:) s
19 r (anybody) s
11 r (can) s
14 r (drive) s
12 r (up) s
46 1449 p (to) s
9 r (your) s
9 r (house) s
10 r (and) s
10 r (probably) s
9 r (break) s
10 r (into) s
9 r (your) s
9 r (home,) s
10 r (but) s
46 1499 p (that) s
9 r (does) s
10 r (not) s
9 r (mean) s
10 r (we) s
11 r (should) s
8 r (close) s
10 r (down) s
10 r (the) s
9 r (roads) s
10 r (or) s
46 1549 p (put) s
9 r (armed) s
11 r (guards) s
10 r (on) s
10 r (the) s
10 r (exit) s
10 r (ramps.) s
cmsy10.300 @sf
4 1635 p 15 c
t-rom.300 @sf
21 r (Logging) s
14 r (information) s
13 r (is) s
15 r (important.) s
28 r (The) s
c-med.300 @sf
16 r (inetd) s
t-rom.300 @sf
16 r (and) s
c-med.300 @sf
46 1685 p (telnetd) s
t-rom.300 @sf
12 r (interaction) s
12 r (logging) s
11 r (the) s
13 r (source) s
14 r (of) s
12 r (virus) s
13 r (at-) s
46 1735 p (tacks) s
9 r (turned) s
8 r (out) s
9 r (to) s
8 r (be) s
10 r 97 c
10 r (lucky) s
8 r (break,) s
10 r (but) s
8 r (even) s
10 r (so) s
9 r (many) s
46 1784 p (sites) s
13 r (did) s
12 r (not) s
13 r (have) s
14 r (enough) s
12 r (logging) s
12 r (information) s
11 r (avail-) s
46 1834 p (able) s
11 r (to) s
11 r (identify) s
10 r (the) s
12 r (source) s
12 r (or) s
11 r (times) s
12 r (of) s
11 r (infection.) s
17 r (This) s
46 1884 p (greatly) s
6 r (hindered) s
6 r (the) s
7 r (responses,) s
8 r (since) s
7 r (people) s
7 r (frequently) s
46 1934 p (had) s
9 r (to) s
9 r (install) s
9 r (new) s
9 r (programs) s
10 r (which) s
9 r (logged) s
9 r (more) s
10 r (infor-) s
46 1984 p (mation.) s
14 r (On) s
10 r (the) s
10 r (other) s
10 r (hand,) s
11 r (logging) s
8 r (information) s
9 r (tends) s
46 2033 p (to) s
11 r (accumulate) s
13 r (quickly) s
11 r (and) s
12 r (is) s
12 r (rarely) s
12 r (referenced.) s
21 r (Thus) s
46 2083 p (it) s
11 r (is) s
12 r (frequently) s
11 r (automatically) s
11 r (pur) s
(ged.) s
18 r (If) s
12 r (we) s
13 r (log) s
11 r (help-) s
46 2133 p (ful) s
9 r (information,) s
9 r (but) s
10 r 174 c
(nd) s
10 r (it) s
9 r (is) s
11 r (quickly) s
9 r (pur) s
(ged,) s
9 r (we) s
11 r (have) s
46 2183 p (not) s
9 r (improved) s
10 r (the) s
10 r (situtation) s
8 r (much) s
11 r (at) s
11 r (all.) s
14 r (Mike) s
10 r (Muuss-) s
46 2233 p (points) s
9 r (out) s
10 r (that) s
11 r (frequently) s
10 r (one) s
11 r (can) s
12 r (retrieve) s
11 r (such) s
11 r (infor-) s
46 2283 p (mation) s
9 r (from) s
10 r (backups[) s
54 c
(],) s
10 r (but) s
10 r (this) s
9 r (is) s
10 r (not) s
10 r (always) s
10 r (true.) s
cmsy10.300 @sf
4 2368 p 15 c
t-rom.300 @sf
21 r (Denial) s
17 r (of) s
17 r (service) s
19 r (attacks) s
18 r (are) s
18 r (easy) s
-2 r 46 c
37 r (The) s
18 r (Internet) s
17 r (is) s
46 2418 p (amazingly) s
14 r (vulnerable) s
13 r (to) s
13 r (such) s
14 r (attacks.) s
26 r (These) s
15 r (attacks) s
46 2468 p (are) s
7 r (quite) s
6 r (dif) s
174 c
(cult) s
5 r (to) s
6 r (prevent,) s
8 r (but) s
6 r (we) s
7 r (could) s
6 r (be) s
8 r (much) s
7 r (bet-) s
46 2518 p (ter) s
7 r (prepared) s
8 r (to) s
7 r (identify) s
6 r (their) s
7 r (sources) s
9 r (than) s
7 r (we) s
8 r (are) s
9 r (today) s
-2 r 46 c
46 2568 p (For) s
7 r (example,) s
9 r (currently) s
7 r (it) s
6 r (is) s
8 r (not) s
7 r (hard) s
7 r (to) s
7 r (imagine) s
8 r (writing) s
46 2617 p 97 c
13 r (program) s
12 r (or) s
12 r (set) s
13 r (of) s
12 r (programs) s
13 r (which) s
12 r (crash) s
13 r (two-third) s
-1 r 115 c
46 2667 p (of) s
16 r (the) s
16 r (existing) s
15 r (Sun) s
16 r 87 c
-2 r (orkstati) s
-1 r (ons) s
15 r (or) s
16 r (other) s
16 r (machines) s
46 2717 p (implementing) s
9 r (Sun') s
-1 r 115 c
10 r (Network) s
10 r (Filesystem) s
11 r (\(NFS\).) s
12 r (This) s
1095 96 p (is) s
13 r (serious) s
12 r (since) s
13 r (such) s
13 r (machines) s
13 r (are) s
13 r (the) s
13 r (most) s
12 r (common) s
1095 146 p (computers) s
15 r (connected) s
15 r (to) s
14 r (the) s
14 r (Internet.) s
26 r (Also,) s
15 r (the) s
15 r (total) s
1095 196 p (lack) s
16 r (of) s
14 r (authentication) s
13 r (and) s
15 r (authorization) s
13 r (for) s
14 r (network) s
1095 246 p (level) s
11 r (routing) s
9 r (makes) s
11 r (it) s
10 r (possible) s
10 r (for) s
10 r (an) s
11 r (ordinary) s
9 r (user) s
11 r (to) s
1095 295 p (disrupt) s
6 r (communications) s
6 r (for) s
7 r 97 c
7 r (lar) s
(ge) s
6 r (portion) s
5 r (of) s
7 r (the) s
6 r (Inter-) s
1095 345 p (net.) s
14 r (Both) s
6 r (tasks) s
7 r (could) s
7 r (be) s
8 r (easily) s
8 r (done) s
7 r (in) s
7 r 97 c
8 r (manner) s
8 r (which) s
1095 395 p (makes) s
13 r (tracking) s
10 r (down) s
11 r (the) s
11 r (initiator) s
9 r (extremely) s
11 r (dif) s
174 c
(cult,) s
1095 445 p (if) s
10 r (not) s
10 r (impossible.) s
cmsy10.300 @sf
1054 522 p 15 c
t-rom.300 @sf
20 r 65 c
13 r (central) s
13 r (security) s
12 r 174 c
120 c
12 r (repository) s
11 r (may) s
13 r (be) s
13 r 97 c
13 r (good) s
12 r (idea.) s
1095 572 p 86 c
-4 r (endors) s
t-ita.300 @sf
11 r (must) s
t-rom.300 @sf
12 r (participate.) s
17 r (End) s
12 r (users,) s
13 r (who) s
11 r (likely) s
11 r (only) s
1095 622 p (want) s
13 r (to) s
12 r (get) s
13 r (their) s
12 r (work) s
12 r (done,) s
13 r (must) s
13 r (be) s
13 r (educated) s
13 r (about) s
1095 672 p (the) s
11 r (importance) s
10 r (of) s
10 r (installin) s
-1 r 103 c
9 r (security) s
9 r 174 c
(xes.) s
cmsy10.300 @sf
1054 749 p 15 c
t-rom.300 @sf
20 r (Knee-jerk) s
10 r (reactions) s
10 r (should) s
9 r (be) s
10 r (avoided.) s
13 r (Openness) s
11 r (and) s
1095 799 p (free) s
9 r 175 c
(ow) s
8 r (of) s
8 r (information) s
6 r (is) s
8 r (the) s
8 r (whole) s
7 r (point) s
7 r (of) s
8 r (network-) s
1095 849 p (ing,) s
9 r (and) s
9 r (funding) s
6 r (agencies) s
10 r (should) s
7 r (not) s
8 r (be) s
9 r (encouraged) s
9 r (to) s
1095 899 p (do) s
7 r (anything) s
6 r (damaging) s
7 r (to) s
7 r (this) s
7 r (without) s
5 r (very) s
7 r (careful) s
8 r (con-) s
1095 948 p (sideration.) s
19 r (Network) s
12 r (connectivity) s
10 r (proved) s
12 r (its) s
12 r (worth) s
11 r (as) s
1095 998 p (an) s
9 r (aid) s
8 r (to) s
8 r (collaboration) s
6 r (by) s
8 r (playing) s
7 r (an) s
9 r (invaluable) s
7 r (role) s
8 r (in) s
1095 1048 p (the) s
13 r (defense) s
14 r (and) s
12 r (analysis) s
13 r (ef) s
(forts) s
11 r (during) s
11 r (the) s
13 r (crisis,) s
13 r (de-) s
1095 1098 p (spite) s
10 r (the) s
10 r (sites) s
11 r (which) s
9 r (isolated) s
10 r (themselves.) s
t-bol.420 @sf
1012 1235 p 52 c
59 r (Acknowledgments) s
t-rom.300 @sf
1012 1328 p (Many) s
7 r (people) s
7 r (contributed) s
5 r (to) s
7 r (our) s
6 r (ef) s
(fort) s
6 r (to) s
6 r (take) s
7 r (apart) s
7 r (the) s
7 r (virus.) s
1012 1378 p 87 c
-2 r 101 c
11 r (would) s
9 r (like) s
11 r (to) s
10 r (thank) s
10 r (them) s
11 r (all) s
11 r (for) s
10 r (their) s
10 r (help) s
10 r (and) s
11 r (insights) s
1012 1427 p (both) s
10 r (during) s
8 r (the) s
11 r (immediate) s
10 r (crisis) s
10 r (and) s
10 r (afterwards.) s
t-bol.360 @sf
1012 1543 p (4.1) s
51 r (The) s
19 r (MIT) s
19 r (team) s
t-rom.300 @sf
1012 1621 p (The) s
19 r (MIT) s
19 r (group) s
17 r (ef) s
(fort) s
16 r (encompassed) s
20 r (many) s
19 r (or) s
(ganization) s
-1 r 115 c
1012 1671 p (within) s
6 r (the) s
7 r (Institute.) s
11 r (It) s
7 r (included) s
6 r (people) s
7 r (from) s
7 r (Project) s
7 r (Athena,) s
1012 1721 p (the) s
7 r 84 c
-2 r (elecommunications) s
7 r (Network) s
6 r (Group,) s
7 r (the) s
7 r (Student) s
6 r (Infor-) s
1012 1771 p (mation) s
10 r (Processing) s
11 r (Board) s
10 r (\(SIPB\),) s
10 r (the) s
11 r (Laboratory) s
10 r (for) s
10 r (Com-) s
1012 1820 p (puter) s
10 r (Science,) s
12 r (and) s
10 r (the) s
10 r (Media) s
11 r (Laboratory) s
-2 r 46 c
1054 1870 p (The) s
10 r (SIPB') s
-1 r 115 c
9 r (role) s
9 r (is) s
9 r (quite) s
9 r (interesting.) s
13 r (It) s
9 r (is) s
9 r 97 c
11 r (volunteer) s
8 r (stu-) s
1012 1920 p (dent) s
13 r (or) s
(ganization) s
11 r (that) s
12 r (represents) s
13 r (students) s
12 r (on) s
13 r (issues) s
13 r (of) s
13 r (the) s
1012 1970 p (MIT) s
12 r (computing) s
10 r (environment,) s
11 r (does) s
11 r (software) s
12 r (development,) s
1012 2020 p (provides) s
15 r (consulting) s
14 r (to) s
15 r (the) s
16 r (community) s
-2 r 44 c
15 r (and) s
16 r (other) s
15 r (miscel-) s
1012 2069 p (laneous) s
15 r (tasks.) s
28 r (Almost) s
14 r (all) s
14 r (the) s
15 r (members) s
16 r (of) s
14 r (the) s
15 r (MIT) s
15 r (team) s
1012 2119 p (which) s
11 r (took) s
9 r (apart) s
11 r (the) s
10 r (virus) s
10 r (were) s
11 r (members) s
12 r (of) s
10 r (the) s
11 r (SIPB,) s
11 r (and) s
1012 2169 p (the) s
8 r (SIPB) s
7 r (of) s
174 c
(ce) s
8 r (was) s
8 r (the) s
7 r (focus) s
8 r (for) s
7 r (early) s
7 r (ef) s
(forts) s
7 r (at) s
7 r (virus) s
7 r (catch-) s
1012 2219 p (ing) s
10 r (until) s
8 r (people) s
10 r (gathered) s
11 r (in) s
9 r (the) s
11 r (Project) s
10 r (Athena) s
10 r (of) s
174 c
(ces.) s
1054 2269 p (Mark) s
13 r 87 c
-3 r 46 c
12 r (Eichin) s
12 r (\(Athena) s
12 r (and) s
13 r (SIPB\)) s
12 r (and) s
13 r (Stanley) s
12 r (R.) s
13 r (Za-) s
1012 2319 p (narotti) s
6 r (\(LCS) s
7 r (and) s
7 r (SIPB\)) s
7 r (led) s
7 r (the) s
6 r (team) s
8 r (disassembling) s
7 r (the) s
6 r (virus) s
1012 2368 p (code.) s
17 r (The) s
11 r (team) s
12 r (included) s
10 r (Bill) s
9 r (Sommerfeld) s
11 r (\(Athena/Apollo) s
1012 2418 p (Computer) s
11 r (and) s
12 r (SIPB\),) s
11 r 84 c
-2 r (ed) s
11 r 89 c
-4 r 46 c
11 r 84 c
-2 r (s'o) s
11 r (\(Athena) s
11 r (and) s
11 r (SIPB\),) s
12 r (Jon) s
1012 2468 p (Rochlis) s
13 r (\(T) s
-2 r (elecommunications) s
12 r (Network) s
12 r (Group) s
12 r (and) s
14 r (SIPB\),) s
1012 2518 p (Ken) s
17 r (Raeburn) s
16 r (\(Athena) s
17 r (and) s
16 r (SIPB\),) s
17 r (Hal) s
16 r (Birkeland) s
16 r (\(Media) s
1012 2568 p (Laboratory\),) s
10 r (and) s
11 r (John) s
10 r 84 c
-2 r 46 c
10 r (Kohl) s
9 r (\(Athena/DEC) s
10 r (and) s
10 r (SIPB\).) s
1054 2617 p (Jef) s
(frey) s
15 r (I.) s
16 r (Schiller) s
14 r (\(Campus) s
16 r (Network) s
15 r (Manager) s
-1 r 44 c
17 r (Athena) s
1012 2667 p (Operations) s
12 r (Manager) s
-1 r 44 c
14 r (and) s
13 r (SIPB\)) s
12 r (did) s
12 r 97 c
14 r (lot) s
11 r (of) s
13 r (work) s
12 r (in) s
12 r (trap-) s
1012 2717 p (ping) s
10 r (the) s
11 r (virus,) s
10 r (setting) s
9 r (up) s
11 r (an) s
11 r (isolated) s
9 r (test) s
11 r (suite,) s
11 r (and) s
10 r (dealing) s
965 2842 p 55 c
@eop
8 @bop0
8 @bop1
t-rom.300 @sf
-36 96 p (with) s
10 r (the) s
13 r (media.) s
23 r (Pascal) s
14 r (Chesnais) s
13 r (\(Media) s
13 r (Laboratory\)) s
12 r (was) s
-36 146 p (one) s
13 r (of) s
15 r (the) s
14 r 174 c
(rst) s
14 r (at) s
15 r (MIT) s
15 r (to) s
14 r (spot) s
14 r (the) s
14 r (virus.) s
27 r (Ron) s
14 r (Hof) s
(fmann) s
-36 196 p (\(Network) s
7 r (Group\)) s
9 r (was) s
10 r (one) s
10 r (of) s
10 r (the) s
9 r 174 c
(rst) s
10 r (to) s
9 r (notice) s
9 r (an) s
10 r (MIT) s
10 r (ma-) s
-36 246 p (chine) s
9 r (attacked) s
10 r (by) s
10 r 174 c
(nger) s
-1 r 46 c
4 295 p 84 c
(im) s
6 r (Shepard) s
7 r (\(LCS\)) s
7 r (provided) s
5 r (information) s
5 r (about) s
7 r (the) s
7 r (prop-) s
-36 345 p (agation) s
5 r (of) s
8 r (the) s
7 r (virus,) s
8 r (as) s
8 r (well) s
7 r (as) s
8 r (lar) s
(ge) s
7 r (amounts) s
7 r (of) s
7 r 96 c
-2 r (`netwatch') s
-2 r 39 c
-36 395 p (data) s
9 r (and) s
10 r (other) s
10 r (technical) s
10 r (help.) s
4 445 p (James) s
12 r (D.) s
10 r (Bruce) s
11 r (\(EECS) s
10 r (Professor) s
10 r (and) s
10 r 86 c
-1 r (ice) s
9 r (President) s
10 r (for) s
-36 495 p (Infor) s
-1 r (mation) s
8 r (Systems\)) s
11 r (and) s
11 r (the) s
10 r (MIT) s
11 r (News) s
11 r (Of) s
174 c
(ce) s
10 r (did) s
10 r (an) s
10 r (ad-) s
-36 544 p (mirable) s
7 r (job) s
7 r (of) s
8 r (keeping) s
8 r (the) s
8 r (media) s
9 r (manageable) s
10 r (and) s
8 r (letting) s
7 r (us) s
-36 594 p (get) s
9 r (our) s
9 r (work) s
10 r (done.) s
t-bol.360 @sf
-36 713 p (4.2) s
49 r (The) s
19 r (Berkeley) s
19 r 84 c
-4 r (eam) s
t-rom.300 @sf
-36 790 p 87 c
-2 r 101 c
10 r (communicated) s
12 r (and) s
12 r (exchanged) s
13 r (code) s
12 r (with) s
11 r (Berkeley) s
11 r (ex-) s
-36 840 p (tensively) s
5 r (througho) s
-1 r (ut) s
5 r (the) s
7 r (morning) s
6 r (of) s
6 r 52 c
7 r (November) s
8 r (1988.) s
12 r (The) s
-36 890 p (team) s
12 r (there) s
13 r (included) s
12 r (Keith) s
13 r (Bostic) s
12 r (\(Computer) s
12 r (Systems) s
14 r (Re-) s
-36 940 p (search) s
16 r (Group,) s
17 r (University) s
15 r (of) s
16 r (Californi) s
-1 r (a,) s
17 r (Berkeley\),) s
18 r (Mike) s
-36 990 p (Karels) s
10 r (\(Computer) s
11 r (Systems) s
12 r (Research) s
13 r (Group,) s
11 r (University) s
10 r (of) s
-36 1040 p (Califo) s
-1 r (rni) s
-1 r (a,) s
7 r (Berkeley\),) s
8 r (Phil) s
7 r (Lapsley) s
8 r (\(Experimental) s
7 r (Comput-) s
-36 1089 p (ing) s
6 r (Facility) s
-2 r 44 c
8 r (University) s
7 r (of) s
9 r (California,) s
8 r (Berkeley\),) s
9 r (Dave) s
10 r (Pare) s
-36 1139 p (\(FX) s
6 r (Development,) s
8 r (Inc.\),) s
9 r (Donn) s
7 r (Seeley) s
9 r (\(University) s
5 r (of) s
8 r (Utah\),) s
-36 1189 p (Chri) s
-1 r 115 c
11 r 84 c
-2 r (orek) s
11 r (\(University) s
10 r (of) s
12 r (Maryland\),) s
12 r (and) s
12 r (Peter) s
13 r 89 c
-3 r (ee) s
12 r (\(Ex-) s
-36 1239 p (perimental) s
15 r (Computing) s
15 r (Facility) s
-2 r 44 c
18 r (University) s
15 r (of) s
17 r (California,) s
-36 1289 p (Berkeley\).) s
t-bol.360 @sf
-36 1407 p (4.3) s
49 r (Others) s
t-rom.300 @sf
-36 1485 p (Numerous) s
10 r (others) s
11 r (across) s
12 r (the) s
11 r (country) s
10 r (deserve) s
12 r (thanks;) s
11 r (many) s
-36 1535 p (of) s
16 r (them) s
19 r (worked) s
18 r (directly) s
17 r (or) s
18 r (indirectly) s
16 r (on) s
18 r (the) s
18 r (virus,) s
20 r (and) s
-36 1584 p (helped) s
6 r (coordinate) s
7 r (the) s
7 r (spread) s
8 r (of) s
7 r (information.) s
11 r (Special) s
8 r (thanks) s
-36 1634 p (shoul) s
-1 r 100 c
6 r (go) s
7 r (to) s
7 r (Gene) s
8 r (Spaf) s
(ford) s
6 r (\(Purdue\)) s
7 r (for) s
7 r (serving) s
7 r (as) s
8 r 97 c
9 r (central) s
-36 1684 p (info) s
-1 r (rmation) s
8 r (point) s
9 r (and) s
11 r (providin) s
-1 r 103 c
9 r (key) s
10 r (insight) s
9 r (into) s
9 r (the) s
10 r (work-) s
-36 1734 p (ings) s
6 r (of) s
8 r (the) s
9 r (virus.) s
12 r (Don) s
8 r (Becker) s
9 r (\(Harris) s
8 r (Corporation\)) s
6 r (has) s
9 r (pro-) s
-36 1784 p (vided) s
11 r (the) s
12 r (most) s
13 r (readable) s
13 r (decompilation) s
12 r (of) s
12 r (the) s
13 r (virus) s
12 r (which) s
-36 1834 p (we) s
9 r (have) s
11 r (seen) s
11 r (to) s
10 r (date.) s
14 r (It) s
10 r (was) s
11 r (most) s
10 r (helpful.) s
4 1883 p (People) s
8 r (who) s
7 r (of) s
(fered) s
7 r (particularly) s
6 r (valuable) s
7 r (advice) s
9 r (included) s
-36 1933 p (Judit) s
-1 r 104 c
7 r (Provost,) s
8 r (Jennifer) s
8 r (Steiner) s
-1 r 44 c
9 r (Mary) s
8 r 86 c
-4 r (ogt,) s
7 r (Stan) s
9 r (Zanarotti,) s
-36 1983 p (Jon) s
6 r (Kamens,) s
9 r (Marc) s
8 r (Horowitz,) s
7 r (Jenifer) s
8 r 84 c
(idwell,) s
6 r (James) s
9 r (Bruce,) s
-36 2033 p (Jerry) s
15 r (Saltzer) s
-1 r 44 c
19 r (Steve) s
17 r (Dyer) s
-1 r 44 c
18 r (Ron) s
16 r (Hof) s
(fmann) s
15 r (and) s
17 r (many) s
17 r (un-) s
-36 2083 p (named) s
10 r (people) s
11 r (from) s
11 r (the) s
11 r (SIPB) s
10 r (Of) s
174 c
(ce.) s
17 r (Any) s
10 r (remaining) s
11 r 175 c
(aws) s
-36 2132 p (in) s
8 r (this) s
10 r (paper) s
10 r (are) s
11 r (our) s
10 r (fault,) s
10 r (not) s
9 r (theirs.) s
4 2182 p (Special) s
11 r (thanks) s
11 r (to) s
10 r (Bill) s
10 r (Sommerfeld) s
11 r (for) s
11 r (providing) s
9 r (the) s
10 r (de-) s
-36 2232 p (scripti) s
-1 r (on) s
8 r (of) s
10 r (the) s
10 r 174 c
(nger) s
10 r (attack) s
11 r 46 c
965 2842 p 56 c
@eop
9 @bop0
cmr6.300 @sf
[<1F003F8070C060E0E0E0E0E0E0E0F0E0FFC0FF80E200600071C039C01FC00780> 11 16 -1 0 15] 54 @dc
9 @bop1
t-bol.420 @sf
-36 96 p 65 c
57 r (The) s
22 r (Pr) s
(ogram) s
t-rom.300 @sf
-36 190 p (This) s
11 r (Appendix) s
12 r (describes) s
14 r (the) s
13 r (virus) s
12 r (program) s
13 r (subroutin) s
-1 r 101 c
12 r (by) s
-36 240 p (subrou) s
-1 r (tin) s
-1 r (e.) s
20 r (For) s
13 r (reference,) s
15 r (the) s
13 r 175 c
(ow) s
12 r (of) s
13 r (information) s
10 r (among) s
-36 289 p (the) s
9 r (subroutin) s
-1 r (es) s
9 r (is) s
10 r (shown) s
10 r (in) s
10 r (Figure) s
10 r (1.) s
t-bol.360 @sf
-36 411 p (A.1) s
49 r (Names) s
t-rom.300 @sf
-36 490 p (The) s
12 r (core) s
14 r (of) s
13 r (the) s
13 r (virus) s
12 r (is) s
13 r 97 c
14 r (pair) s
13 r (of) s
12 r (binary) s
13 r (modules,) s
14 r (one) s
13 r (for) s
-36 539 p (the) s
14 r 86 c
-4 r (AX) s
14 r (architecture) s
15 r (and) s
15 r (the) s
16 r (other) s
14 r (for) s
15 r (the) s
15 r (Sun) s
15 r (architec-) s
-36 589 p (ture.) s
13 r (These) s
12 r (are) s
12 r (linkable) s
9 r (modules,) s
11 r (and) s
11 r (thus) s
10 r (have) s
11 r (name) s
12 r (lists) s
-36 639 p (for) s
11 r (their) s
12 r (internal) s
12 r (procedures.) s
23 r (Many) s
13 r (of) s
12 r (the) s
13 r (original) s
11 r (names) s
-36 689 p (are) s
10 r (included) s
9 r (here) s
11 r (with) s
9 r (the) s
10 r (descriptions) s
10 r (of) s
10 r (the) s
10 r (functions) s
9 r (the) s
-36 739 p (rout) s
-1 r (ines) s
9 r (performed.) s
4 789 p (It) s
8 r (is) s
9 r (surprising) s
7 r (that) s
8 r (the) s
9 r (names) s
10 r (are) s
10 r (included,) s
9 r (and) s
9 r (astonish-) s
-36 839 p (ing) s
5 r (that) s
8 r (they) s
7 r (are) s
9 r (meaningful.) s
12 r (Some) s
8 r (simple) s
8 r (techniques,) s
8 r (such) s
-36 889 p (as) s
9 r (randomizing) s
9 r (the) s
10 r (procedure) s
10 r (names,) s
11 r (would) s
9 r (have) s
10 r (removed) s
-36 938 p 97 c
10 r (number) s
9 r (of) s
10 r (clues) s
11 r (to) s
10 r (the) s
10 r (function) s
9 r (of) s
10 r (the) s
10 r (virus.) s
t-bol.360 @sf
-36 1060 p (A.2) s
49 r (main) s
t-rom.300 @sf
-36 1139 p (The) s
8 r (main) s
9 r (module,) s
9 r (the) s
9 r (starting) s
8 r (point) s
7 r (of) s
9 r (any) s
9 r 67 c
8 r (language) s
9 r (pro-) s
-36 1188 p (gram,) s
8 r (does) s
9 r (some) s
9 r (initiali) s
-1 r (zation,) s
7 r (processes) s
10 r (its) s
8 r (command) s
9 r (line,) s
-36 1238 p (and) s
12 r (then) s
12 r (goes) s
13 r (of) s
102 c
12 r (into) s
12 r (the) s
13 r (loop) s
11 r (which) s
13 r (or) s
(ganizes) s
12 r (all) s
13 r (of) s
13 r (the) s
-36 1288 p (real) s
9 r (work.) s
t-bol.300 @sf
-36 1401 p (A.2.1) s
40 r (Initialization) s
t-rom.300 @sf
-36 1480 p (The) s
8 r (program) s
8 r 174 c
(rst) s
9 r (takes) s
9 r (some) s
9 r (steps) s
9 r (to) s
9 r (hide) s
8 r (itself.) s
13 r (It) s
8 r (changes) s
-36 1530 p (the) s
10 r 96 c
-2 r (`zeroth') s
-3 r 39 c
10 r (ar) s
(gument,) s
12 r (which) s
11 r (is) s
12 r (the) s
11 r (process) s
13 r (name,) s
13 r (to) s
c-med.300 @sf
11 r (sh) s
t-rom.300 @sf
46 c
-36 1580 p (Thus,) s
15 r (no) s
14 r (matter) s
15 r (how) s
14 r (the) s
15 r (program) s
14 r (was) s
16 r (invoked,) s
15 r (it) s
14 r (would) s
-36 1630 p (show) s
14 r (up) s
15 r (in) s
15 r (the) s
15 r (process) s
17 r (table) s
15 r (with) s
14 r (the) s
16 r (same) s
17 r (name) s
16 r (as) s
17 r (the) s
-36 1679 p (Bourn) s
-1 r 101 c
9 r (Shell,) s
10 r 97 c
11 r (program) s
10 r (which) s
10 r (often) s
10 r (runs) s
9 r (legitimately) s
-2 r 46 c
4 1730 p (The) s
14 r (program) s
12 r (also) s
13 r (sets) s
13 r (the) s
13 r (maximum) s
14 r (core) s
13 r (dump) s
13 r (size) s
13 r (to) s
-36 1779 p (zero) s
12 r (blocks.) s
20 r (If) s
12 r (the) s
13 r (program) s
12 r (crashed) s
cmr7.300 @sf
569 1765 p 54 c
t-rom.300 @sf
601 1779 p (it) s
12 r (would) s
11 r (not) s
12 r (leave) s
13 r 97 c
-36 1829 p (core) s
14 r (dump) s
14 r (behind) s
14 r (to) s
14 r (help) s
15 r (investigators.) s
26 r (It) s
14 r (also) s
15 r (turns) s
14 r (of) s
102 c
-36 1879 p (handli) s
-1 r (ng) s
7 r (of) s
8 r (write) s
8 r (errors) s
9 r (on) s
8 r (pipes,) s
9 r (which) s
8 r (normally) s
8 r (cause) s
10 r (the) s
-36 1929 p (progr) s
-1 r (am) s
10 r (to) s
9 r (exit.) s
4 1979 p (The) s
12 r (next) s
11 r (step) s
11 r (is) s
11 r (to) s
11 r (read) s
12 r (the) s
11 r (clock,) s
12 r (store) s
11 r (the) s
11 r (current) s
11 r (time) s
-36 2029 p (in) s
11 r 97 c
14 r (local) s
13 r (variable,) s
14 r (and) s
14 r (use) s
14 r (that) s
12 r (value) s
14 r (to) s
12 r (seed) s
15 r (the) s
13 r (random) s
-36 2079 p (number) s
9 r (generator) s
-1 r 46 c
t-bol.300 @sf
-36 2192 p (A.2.2) s
40 r (Command) s
15 r (line) s
15 r (argument) s
16 r (pr) s
(ocessing) s
t-rom.300 @sf
-36 2271 p (The) s
16 r (virus) s
16 r (program) s
17 r (itself) s
16 r (takes) s
18 r (an) s
17 r (optional) s
15 r (ar) s
(gument) s
c-med.300 @sf
17 r (-p) s
t-rom.300 @sf
-36 2321 p (which) s
6 r (must) s
9 r (be) s
8 r (followed) s
7 r (by) s
8 r 97 c
9 r (decimal) s
9 r (number) s
-1 r 44 c
8 r (which) s
8 r (seems) s
-36 2370 p (to) s
11 r (be) s
13 r 97 c
13 r (process) s
13 r (id) s
12 r (of) s
13 r (the) s
12 r (parent) s
13 r (which) s
12 r (spawned) s
13 r (it.) s
21 r (It) s
12 r (uses) s
-36 2420 p (thi) s
-1 r 115 c
7 r (number) s
9 r (later) s
9 r (to) s
8 r (kill) s
7 r (that) s
8 r (process,) s
10 r (probably) s
8 r (to) s
8 r 96 c
-2 r (`close) s
8 r (the) s
-36 2470 p (door) s
1 r 39 c
-3 r 39 c
8 r (behind) s
9 r (it.) s
4 2520 p (The) s
19 r (rest) s
19 r (of) s
18 r (the) s
18 r (command) s
20 r (line) s
17 r (ar) s
(guments) s
18 r (are) s
19 r 96 c
-2 r (`object) s
-36 2570 p (names') s
-2 r ('.) s
25 r (These) s
16 r (are) s
15 r (names) s
16 r (of) s
14 r 174 c
(les) s
14 r (it) s
14 r (tries) s
14 r (to) s
14 r (load) s
14 r (into) s
13 r (its) s
-36 2599 p 390 2 ru
cmr6.300 @sf
5 2627 p 54 c
t-rom.240 @sf
22 2638 p (For) s
9 r (example,) s
8 r (the) s
8 r (virus) s
8 r (was) s
8 r (originally) s
8 r (compiled) s
7 r (using) s
8 r (4.3BSD) s
8 r (decla-) s
-36 2678 p (ration) s
5 r 174 c
(les.) s
11 r (Under) s
6 r (4.2BSD,) s
8 r (the) s
6 r (alias) s
7 r (name) s
6 r (list) s
8 r (did) s
6 r (not) s
7 r (exist,) s
7 r (and) s
6 r (code) s
6 r (such) s
-36 2717 p (as) s
7 r (the) s
7 r (virus) s
8 r (which) s
8 r (assumes) s
7 r (aliases) s
7 r (are) s
8 r (there) s
8 r (can) s
7 r (crash) s
8 r (and) s
7 r (dump) s
7 r (core.) s
t-rom.300 @sf
1012 96 p (address) s
13 r (space.) s
22 r (If) s
11 r (it) s
12 r (can') s
116 c
11 r (load) s
12 r (one) s
12 r (of) s
12 r (them,) s
14 r (it) s
11 r (quits.) s
19 r (If) s
12 r (the) s
c-med.300 @sf
1012 146 p (-p) s
t-rom.300 @sf
14 r (ar) s
(gument) s
13 r (is) s
14 r (given,) s
15 r (it) s
13 r (also) s
14 r (deletes) s
14 r (the) s
14 r (object) s
13 r 174 c
(les,) s
16 r (and) s
1012 196 p (later) s
8 r (tries) s
8 r (to) s
7 r (remove) s
8 r (the) s
8 r (disk) s
7 r (image) s
9 r (of) s
7 r (running) s
7 r (virus,) s
7 r (as) s
9 r (well) s
1012 246 p (as) s
12 r (the) s
11 r 174 c
(le) s
c-med.300 @sf
12 r (/tmp/.dumb) s
t-rom.300 @sf
46 c
16 r (\(This) s
11 r 174 c
(le) s
11 r (is) s
11 r (not) s
10 r (referenced) s
13 r (any-) s
1012 295 p (where) s
11 r (else) s
11 r (in) s
10 r (the) s
10 r (virus,) s
10 r (so) s
10 r (it) s
9 r (is) s
11 r (unclear) s
10 r (why) s
10 r (it) s
9 r (is) s
10 r (deleted.\)) s
1054 347 p (The) s
8 r (program) s
6 r (then) s
7 r (tried) s
6 r 97 c
7 r (few) s
8 r (further) s
6 r (steps,) s
8 r (exiting) s
5 r (\(`) s
-2 r (`bail-) s
1012 397 p (ing) s
10 r (out') s
-2 r ('\)) s
8 r (if) s
9 r (any) s
11 r (of) s
10 r (them) s
10 r (failed:) s
cmsy10.300 @sf
1054 448 p 15 c
t-rom.300 @sf
20 r (It) s
9 r (checked) s
11 r (that) s
9 r (it) s
9 r (had) s
9 r (been) s
10 r (given) s
9 r (at) s
10 r (least) s
9 r (one) s
10 r (object) s
9 r (on) s
1095 498 p (the) s
11 r (command) s
11 r (line.) s
cmsy10.300 @sf
1054 548 p 15 c
t-rom.300 @sf
20 r (It) s
14 r (checked) s
15 r (to) s
13 r (see) s
15 r (if) s
14 r (it) s
13 r (had) s
14 r (successfully) s
14 r (loaded) s
13 r (in) s
14 r (the) s
1095 598 p (object) s
c-med.300 @sf
10 r (l1.c) s
t-rom.300 @sf
46 c
1054 649 p (If) s
12 r (the) s
13 r 96 c
-2 r (`-p') s
-4 r 39 c
11 r (ar) s
(gument) s
11 r (was) s
14 r (given,) s
12 r (the) s
13 r (program) s
12 r (closes) s
13 r (all) s
1012 699 p 174 c
(le) s
14 r (descriptors,) s
13 r (in) s
13 r (case) s
15 r (there) s
13 r (are) s
14 r (any) s
13 r (connections) s
13 r (open) s
13 r (to) s
1012 749 p (the) s
11 r (parent.) s
1054 801 p (The) s
8 r (program) s
7 r (then) s
7 r (erases) s
9 r (the) s
7 r (text) s
7 r (of) s
7 r (the) s
8 r (ar) s
(gument) s
6 r (array) s
-2 r 44 c
8 r (to) s
1012 851 p (further) s
7 r (obscure) s
8 r (how) s
8 r (it) s
7 r (was) s
8 r (started) s
8 r (\(perhaps) s
8 r (to) s
7 r (hide) s
7 r (anything) s
1012 900 p (if) s
10 r (one) s
11 r (were) s
11 r (to) s
9 r (get) s
10 r 97 c
11 r (core) s
11 r (image) s
11 r (of) s
10 r (the) s
10 r (running) s
8 r (virus.\)) s
1054 952 p (It) s
8 r (scans) s
9 r (all) s
8 r (of) s
8 r (the) s
8 r (network) s
7 r (interfaces) s
9 r (on) s
8 r (the) s
8 r (machine,) s
10 r (gets) s
1012 1002 p (the) s
12 r 175 c
(ags) s
11 r (and) s
12 r (addresses) s
12 r (of) s
11 r (each) s
12 r (interface.) s
18 r (It) s
10 r (tries) s
11 r (to) s
11 r (get) s
11 r (the) s
1012 1052 p (point-to-po) s
-1 r (int) s
11 r (address) s
14 r (of) s
14 r (the) s
13 r (interface,) s
15 r (skipping) s
12 r (the) s
14 r (loop-) s
1012 1101 p (back) s
15 r (address.) s
25 r (It) s
14 r (also) s
14 r (stores) s
14 r (the) s
13 r (netmask) s
15 r (for) s
13 r (that) s
13 r (network) s
1012 1151 p 91 c
(19) s
(].) s
1054 1203 p (Finally) s
-2 r 44 c
8 r (it) s
8 r (kills) s
8 r (of) s
102 c
8 r (the) s
9 r (process) s
10 r (id) s
8 r (given) s
9 r (with) s
8 r (the) s
9 r 96 c
-2 r (`-p') s
-3 r 39 c
7 r (op-) s
1012 1253 p (tion.) s
24 r (It) s
14 r (also) s
13 r (changes) s
15 r (the) s
14 r (current) s
14 r (process) s
14 r (group,) s
14 r (so) s
14 r (that) s
13 r (it) s
1012 1302 p (doesn') s
116 c
10 r (die) s
11 r (when) s
11 r (the) s
11 r (parent) s
10 r (exits.) s
16 r (Once) s
12 r (this) s
10 r (is) s
11 r (cleaned) s
12 r (up,) s
1012 1352 p (it) s
12 r (falls) s
12 r (into) s
11 r (the) s
t-ita.300 @sf
12 r (doit) s
t-rom.300 @sf
11 r (routine) s
11 r (which) s
11 r (performs) s
12 r (the) s
13 r (rest) s
12 r (of) s
12 r (the) s
1012 1402 p (work.) s
t-bol.360 @sf
1012 1531 p (A.3) s
51 r (doit) s
18 r 114 c
(outine) s
t-rom.300 @sf
1012 1612 p (This) s
11 r (routine) s
9 r (is) s
10 r (where) s
10 r (the) s
11 r (program) s
10 r (spends) s
10 r (most) s
10 r (of) s
10 r (its) s
10 r (time.) s
t-bol.300 @sf
1012 1732 p (A.3.1) s
42 r (Initializatio) s
-1 r 110 c
t-rom.300 @sf
1012 1813 p (Like) s
7 r (the) s
7 r (main) s
7 r (routine,) s
7 r (it) s
6 r (seeds) s
8 r (the) s
6 r (random) s
7 r (number) s
7 r (generator) s
1012 1863 p (with) s
11 r (the) s
12 r (clock,) s
12 r (and) s
12 r (stores) s
11 r (the) s
12 r (clock) s
12 r (value) s
11 r (to) s
12 r (later) s
11 r (measure) s
1012 1913 p (how) s
10 r (long) s
10 r (the) s
10 r (virus) s
9 r (has) s
11 r (been) s
10 r (running) s
9 r (on) s
10 r (this) s
9 r (system.) s
1054 1964 p (It) s
9 r (then) s
8 r (tries) s
t-ita.300 @sf
9 r (hg) s
t-rom.300 @sf
46 c
13 r (If) s
9 r (that) s
9 r (fails,) s
9 r (it) s
8 r (tries) s
t-ita.300 @sf
9 r (hl) s
t-rom.300 @sf
46 c
13 r (If) s
9 r (that) s
8 r (fails,) s
10 r (it) s
8 r (tries) s
t-ita.300 @sf
1012 2014 p (ha) s
t-rom.300 @sf
46 c
1054 2066 p (It) s
8 r (then) s
8 r (tries) s
8 r (to) s
8 r (check) s
9 r (if) s
8 r (there) s
8 r (is) s
8 r (already) s
9 r 97 c
9 r (copy) s
8 r (of) s
8 r (the) s
8 r (virus) s
1012 2116 p (running) s
9 r (on) s
10 r (this) s
9 r (machine.) s
15 r (Errors) s
11 r (in) s
9 r (this) s
10 r (code) s
11 r (contributed) s
8 r (to) s
1012 2165 p (the) s
12 r (lar) s
(ge) s
11 r (amounts) s
12 r (of) s
11 r (computer) s
12 r (time) s
12 r (taken) s
12 r (up) s
11 r (by) s
11 r (the) s
12 r (virus.) s
1012 2215 p (Speci) s
174 c
(cally:) s
cmsy10.300 @sf
1054 2267 p 15 c
t-rom.300 @sf
20 r (On) s
10 r 97 c
11 r (one-in-seven) s
9 r (chance,) s
12 r (it) s
9 r (won') s
116 c
8 r (even) s
11 r (try) s
9 r (to) s
9 r (test) s
10 r (for) s
1095 2317 p (another) s
10 r (virus.) s
cmsy10.300 @sf
1054 2367 p 15 c
t-rom.300 @sf
20 r (The) s
10 r 174 c
(rst) s
9 r (copy) s
9 r (of) s
9 r (the) s
10 r (virus) s
8 r (to) s
9 r (run) s
8 r (is) s
9 r (the) s
9 r (only) s
9 r (one) s
9 r (which) s
1095 2416 p (listens) s
10 r (for) s
10 r (others;) s
10 r (if) s
10 r (multiple) s
9 r (infections) s
9 r (occur) s
11 r 96 c
-2 r (`simul-) s
1095 2466 p (taneously') s
-2 r 39 c
6 r (they) s
8 r (will) s
6 r (not) s
7 r 96 c
-2 r (`hear) s
2 r 39 c
-2 r 39 c
5 r (each) s
9 r (other) s
-1 r 44 c
8 r (and) s
8 r (all) s
7 r (but) s
1095 2516 p (one) s
11 r (will) s
9 r (fail) s
9 r (to) s
10 r (listen) s
9 r (\(see) s
12 r (section) s
10 r (A.12\).) s
1054 2568 p (The) s
20 r (remainder) s
19 r (of) s
19 r (the) s
18 r (initializatio) s
-1 r 110 c
17 r (routine) s
18 r (seems) s
20 r (de-) s
1012 2617 p (signed) s
20 r (to) s
20 r (send) s
20 r 97 c
21 r (single) s
20 r (byte) s
20 r (to) s
19 r (address) s
21 r (128.32.137.13,) s
1012 2667 p (which) s
8 r (is) s
t-ita.300 @sf
8 r (ernie.berkeley) s
-1 r (.edu) s
t-rom.300 @sf
44 c
10 r (on) s
8 r (port) s
7 r 49 c
-1 r (1357.) s
11 r (This) s
8 r (never) s
9 r (hap-) s
1012 2717 p (pens,) s
15 r (since) s
14 r (the) s
14 r (author) s
12 r (used) s
14 r (the) s
t-ita.300 @sf
13 r (sendto) s
t-rom.300 @sf
13 r (function) s
12 r (on) s
13 r 97 c
14 r (TCP) s
965 2842 p 57 c
@eop
10 @bop0
10 @bop1
-36 2501 p @beginspecial
-36.000000 @hoffset
-108.000000 @voffset
@setspecial
%!PS-Adobe-
%%DocumentFonts: Courier
%%Pages: 1
%%BoundingBox: 23 88 1279 675
%%EndComments
.86 1 scale
40 0 translate
/arrowheight 8 def
/arrowwidth 4 def
/none null def
/numgraphicparameters 10 def
/Begin {
save
numgraphicparameters dict begin
} def
/End {
end
restore
} def
/SetB {
dup type /nulltype eq {
pop
false /brushrightarrow idef
false /brushleftarrow idef
1 /brushwidth idef
0 /brushdashoffset idef
[] /brushdasharray idef
true /brushnone idef
} {
0 ne /brushrightarrow idef
0 ne /brushleftarrow idef
/brushwidth idef
/brushdashoffset idef
/brushdasharray idef
false /brushnone idef
} ifelse
} def
/SetF {
/printsize idef
/printfont idef
} def
/SetP {
dup type /nulltype eq {
pop
-1 /patterngraylevel idef
true /patternnone idef
} {
/patterngraylevel idef
false /patternnone idef
} ifelse
} def
/BSpl {
0 begin
storexyn
newpath
0 0 0 0 0 0 1 1 true subspline
n 2 gt {
0 0 0 0 1 1 2 2 false subspline
1 1 n 3 sub {
/i exch def
i 1 sub dup i dup i 1 add dup i 2 add dup false subspline
} for
n 3 sub dup n 2 sub dup n 1 sub dup 2 copy false subspline
} if
n 2 sub dup n 1 sub dup 2 copy 2 copy false subspline
patternnone not brushleftarrow not brushrightarrow not and and {
ifill
} if
brushnone not { istroke } if
0 0 1 1 leftarrow
n 2 sub dup n 1 sub dup rightarrow
end
} dup 0 4 dict put def
/Circ {
newpath
0 360 arc
patternnone not { ifill } if
brushnone not { istroke } if
} def
/CBSpl {
0 begin
dup 2 gt {
storexyn
newpath
n 1 sub dup 0 0 1 1 2 2 true subspline
1 1 n 3 sub {
/i exch def
i 1 sub dup i dup i 1 add dup i 2 add dup false subspline
} for
n 3 sub dup n 2 sub dup n 1 sub dup 0 0 false subspline
n 2 sub dup n 1 sub dup 0 0 1 1 false subspline
patternnone not { ifill } if
brushnone not { istroke } if
} {
Poly
} ifelse
end
} dup 0 4 dict put def
/Elli {
0 begin
/savedCTM matrix currentmatrix def
newpath
4 2 roll
translate
scale
0 0 1 0 360 arc
savedCTM setmatrix
patternnone not { ifill } if
brushnone not { istroke } if
end
} dup 0 1 dict put def
/Line {
0 begin
2 storexyn
newpath
x 0 get y 0 get moveto
x 1 get y 1 get lineto
brushnone not { istroke } if
0 0 1 1 leftarrow
0 0 1 1 rightarrow
end
} dup 0 4 dict put def
/MLine {
0 begin
storexyn
newpath
x 0 get y 0 get moveto
1 1 n 1 sub {
/i exch def
x i get y i get lineto
} for
patternnone not brushleftarrow not brushrightarrow not and and {
ifill
} if
brushnone not { istroke } if
0 0 1 1 leftarrow
n 2 sub dup n 1 sub dup rightarrow
end
} dup 0 4 dict put def
/Poly {
3 1 roll
newpath
moveto
-1 add
{ lineto } repeat
closepath
patternnone not { ifill } if
brushnone not { istroke } if
} def
/Rect {
0 begin
/t exch def
/r exch def
/b exch def
/l exch def
newpath
l b moveto
l t lineto
r t lineto
r b lineto
closepath
patternnone not { ifill } if
brushnone not { istroke } if
end
} dup 0 4 dict put def
/Text {
patternnone not { ishow } { pop } ifelse
} def
/idef {
dup where { pop pop pop } { exch def } ifelse
} def
/ifill {
gsave
patterngraylevel setgray
eofill
grestore
} def
/istroke {
gsave
brushdashoffset -1 eq {
[] 0 setdash
1 setgray
} {
brushdasharray brushdashoffset setdash
0 setgray
} ifelse
brushwidth setlinewidth
originalCTM setmatrix
stroke
grestore
} def
/ishow {
0 begin
gsave
0 2.5 originalCTM dtransform idtransform
/yoff exch def
/xoff exch def
printfont /Courier ne printsize 10 ne and { xoff yoff translate } if
printfont findfont printsize scalefont setfont
patterngraylevel setgray
/vertoffset printsize neg def {
0 vertoffset moveto show
/vertoffset vertoffset printsize sub def
} forall
grestore
end
} dup 0 3 dict put def
/arrowhead {
0 begin
transform originalCTM itransform
/taily exch def
/tailx exch def
transform originalCTM itransform
/tipy exch def
/tipx exch def
/dy tipy taily sub def
/dx tipx tailx sub def
/angle dx 0 ne dy 0 ne or { dy dx atan } { 90 } ifelse def
gsave
originalCTM setmatrix
tipx tipy translate
angle rotate
newpath
0 0 moveto
arrowheight neg arrowwidth 2 div lineto
arrowheight neg arrowwidth 2 div neg lineto
closepath
patternnone not { ifill } if
brushnone not { istroke } if
grestore
end
} dup 0 7 dict put def
/leftarrow {
0 begin
y exch get /taily exch def
x exch get /tailx exch def
y exch get /tipy exch def
x exch get /tipx exch def
brushleftarrow { tipx tipy tailx taily arrowhead } if
end
} dup 0 4 dict put def
/rightarrow {
0 begin
y exch get /tipy exch def
x exch get /tipx exch def
y exch get /taily exch def
x exch get /tailx exch def
brushrightarrow { tipx tipy tailx taily arrowhead } if
end
} dup 0 4 dict put def
/midpoint {
0 begin
/y1 exch def
/x1 exch def
/y0 exch def
/x0 exch def
x0 x1 add 2 div
y0 y1 add 2 div
end
} dup 0 4 dict put def
/thirdpoint {
0 begin
/y1 exch def
/x1 exch def
/y0 exch def
/x0 exch def
x0 2 mul x1 add 3 div
y0 2 mul y1 add 3 div
end
} dup 0 4 dict put def
/subspline {
0 begin
/movetoNeeded exch def
y exch get /y3 exch def
x exch get /x3 exch def
y exch get /y2 exch def
x exch get /x2 exch def
y exch get /y1 exch def
x exch get /x1 exch def
y exch get /y0 exch def
x exch get /x0 exch def
x1 y1 x2 y2 thirdpoint
/p1y exch def
/p1x exch def
x2 y2 x1 y1 thirdpoint
/p2y exch def
/p2x exch def
x1 y1 x0 y0 thirdpoint
p1x p1y midpoint
/p0y exch def
/p0x exch def
x2 y2 x3 y3 thirdpoint
p2x p2y midpoint
/p3y exch def
/p3x exch def
movetoNeeded { p0x p0y moveto } if
p1x p1y p2x p2y p3x p3y curveto
end
} dup 0 17 dict put def
/storexyn {
/n exch def
/y n array def
/x n array def
n 1 sub -1 0 {
/i exch def
y i 3 2 roll put
x i 3 2 roll put
} for
} def
%%EndProlog
%I Idraw 1
gsave
[ 0.9 0 0 0.9 0 0 ] concat
/originalCTM matrix currentmatrix def
grestore
Begin %I Pict
%I b u
%I f u
%I p u
[0.9 0 0 0.9 0 0] concat
%I t 0.9 0 0 0.9 0 0
Begin %I Line
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
%I t u
462 581 462 469 Line %I 462 581 462 469
End
Begin %I Line
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
%I t u
448 581 448 469 Line %I 448 581 448 469
End
Begin %I MLine
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
%I t u
%I 4
336 238 %I 336 238
336 210 %I 336 210
252 210 %I 252 210
252 189 %I 252 189
4 MLine
End
Begin %I MLine
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
%I t u
%I 4
259 238 %I 259 238
259 224 %I 259 224
231 224 %I 231 224
231 189 %I 231 189
4 MLine
End
Begin %I MLine
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
%I t u
%I 4
175 238 %I 175 238
175 224 %I 175 224
210 224 %I 210 224
210 189 %I 210 189
4 MLine
End
Begin %I MLine
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
%I t u
%I 4
70 238 %I 70 238
70 210 %I 70 210
189 210 %I 189 210
189 189 %I 189 189
4 MLine
End
Begin %I Line
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
%I t u
336 350 336 266 Line %I 336 350 336 266
End
Begin %I MLine
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
%I t u
%I 4
154 399 %I 154 399
154 308 %I 154 308
315 308 %I 315 308
315 266 %I 315 266
4 MLine
End
Begin %I MLine
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
%I t u
%I 5
126 399 %I 126 399
126 294 %I 126 294
259 294 %I 259 294
259 273 %I 259 273
259 266 %I 259 266
5 MLine
End
Begin %I MLine
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
%I t u
%I 4
98 399 %I 98 399
98 280 %I 98 280
175 280 %I 175 280
175 266 %I 175 266
4 MLine
End
Begin %I Line
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
%I t u
70 399 70 266 Line %I 70 399 70 266
End
Begin %I Line
[] 0 1 1 1 SetB %I b 65535 1 1 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
%I t u
483 455 511 455 Line %I 483 455 511 455
End
Begin %I Line
[] 0 1 1 1 SetB %I b 65535 1 1 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
[1 0 0 1 7 -259] concat
%I t 1 0 0 1 7 -259
476 672 504 672 Line %I 476 672 504 672
End
Begin %I Line
[] 0 1 1 1 SetB %I b 65535 1 1 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
[1 0 0 1 7 -301] concat
%I t 1 0 0 1 7 -301
476 672 504 672 Line %I 476 672 504 672
End
Begin %I Line
[] 0 1 1 1 SetB %I b 65535 1 1 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
[1 0 0 1 0 -42] concat
%I t 1 0 0 1 0 -42
357 413 427 413 Line %I 357 413 427 413
End
Begin %I Line
[] 0 1 1 1 SetB %I b 65535 1 1 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
%I t u
357 413 427 413 Line %I 357 413 427 413
End
Begin %I Line
[] 0 1 1 1 SetB %I b 65535 1 1 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
%I t u
427 455 357 455 Line %I 427 455 357 455
End
Begin %I Line
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
%I t u
406 609 385 658 Line %I 406 609 385 658
End
Begin %I Line
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
%I t u
483 672 399 672 Line %I 483 672 399 672
End
Begin %I Line
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
%I t u
448 721 385 686 Line %I 448 721 385 686
End
Begin %I Line
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
%I t u
336 721 357 686 Line %I 336 721 357 686
End
Begin %I Line
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
%I t u
77 721 77 658 Line %I 77 721 77 658
End
Begin %I Line
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
%I t u
203 721 203 658 Line %I 203 721 203 658
End
Begin %I Line
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
%I t u
371 658 294 539 Line %I 371 658 294 539
End
Begin %I Line
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
%I t u
357 658 154 539 Line %I 357 658 154 539
End
Begin %I Line
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
%I t u
203 630 126 539 Line %I 203 630 126 539
End
Begin %I Line
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
%I t u
84 630 98 539 Line %I 84 630 98 539
End
Begin %I Pict
%I b u
%I f u
%I p u
%I t u
Begin %I Rect
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
1 SetP %I p 0
[1.73684 0 0 1.2 -162.474 -37.8] concat
%I t 1.73684 0 0 1.2 -162.474 -37.8
154 154 287 189 Rect %I 154 154 287 189
End
Begin %I Pict
%I b u
%I f u
%I p u
[1 0 0 1.03704 -2.5 0.518524] concat
%I t 1 0 0 1.03704 -2.5 0.518524
Begin %I Text
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
[1 0 0 1 202 175] concat
%I t 1 0 0 1 202 175
%I waithit
[
(waithit)
] Text
End
Begin %I Text
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
[1 0 0 1 112 161] concat
%I t 1 0 0 1 112 161
%I (wait for infected client to respond)
[
(\(wait for infected client to respond\))
] Text
End
End %I eop
End %I eop
Begin %I Pict
%I b u
%I f u
%I p u
[1 0 0 1 98 -42] concat
%I t 1 0 0 1 98 -42
Begin %I Rect
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
1 SetP %I p 0
[1 0 0 1 7 63] concat
%I t 1 0 0 1 7 63
203 217 280 245 Rect %I 203 217 280 245
End
Begin %I Text
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
[1 0 0 1 221.5 300.5] concat
%I t 1 0 0 1 221.5 300.5
%I Hit rexec
[
(Hit rexec)
] Text
End
End %I eop
Begin %I Line
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
%I t u
469 581 469 427 Line %I 469 581 469 427
End
Begin %I Line
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
%I t u
476 581 476 385 Line %I 476 581 476 385
End
Begin %I Line
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
%I t u
434 581 434 385 Line %I 434 581 434 385
End
Begin %I Line
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
%I t u
441 581 441 427 Line %I 441 581 441 427
End
Begin %I Text
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
[1 0 0 1 178 535] concat
%I t 1 0 0 1 178 535
%I
[
()
] Text
End
Begin %I Rect
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
1 SetP %I p 0
%I t u
203 560 203 560 Rect %I 203 560 203 560
End
Begin %I Pict
%I b u
%I f u
%I p u
[1 0 0 1 -28 -161] concat
%I t 1 0 0 1 -28 -161
Begin %I Rect
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
1 SetP %I p 0
[1 0 0 1 0 0] concat
%I t 1 0 0 1 0 0
77 560 203 651 Rect %I 77 560 203 651
End
Begin %I Text
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
[1 0 0 1 113 612] concat
%I t 1 0 0 1 113 612
%I Host List
[
(Host List)
] Text
End
Begin %I Poly
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
1 SetP %I p 0
[1 0 0 1 0 0] concat
%I t 1 0 0 1 0 0
%I 4
77 700 %I 77 700
105 651 %I 105 651
175 651 %I 175 651
203 700 %I 203 700
4 Poly
End
End %I eop
Begin %I Pict
%I b u
%I f u
%I p u
[1 0 0 1 -140 -168] concat
%I t 1 0 0 1 -140 -168
Begin %I Poly
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
1 SetP %I p 0
[1 0 0 1 294 7] concat
%I t 1 0 0 1 294 7
%I 4
77 700 %I 77 700
105 651 %I 105 651
175 651 %I 175 651
203 700 %I 203 700
4 Poly
End
Begin %I Rect
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
1 SetP %I p 0
[1 0 0 1 294 7] concat
%I t 1 0 0 1 294 7
77 560 203 651 Rect %I 77 560 203 651
End
Begin %I Text
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
[1 0 0 1 392 619] concat
%I t 1 0 0 1 392 619
%I User Name List
[
(User Name List)
] Text
End
End %I eop
Begin %I Text
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
[1 0 0 1 427 637] concat
%I t 1 0 0 1 427 637
%I
[
()
] Text
End
Begin %I Pict
%I b u
%I f u
%I p u
[1 0 0 1 280 35] concat
%I t 1 0 0 1 280 35
Begin %I Rect
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
1 SetP %I p 0
[1 0 0 1 0 0] concat
%I t 1 0 0 1 0 0
63 623 119 651 Rect %I 63 623 119 651
End
Begin %I Text
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
[1 0 0 1 70 643.5] concat
%I t 1 0 0 1 70 643.5
%I Phase 0
[
(Phase 0)
] Text
End
End %I eop
Begin %I Pict
%I b u
%I f u
%I p u
[1 0 0 1 336 42] concat
%I t 1 0 0 1 336 42
Begin %I Rect
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
1 SetP %I p 0
%I t u
56 679 168 707 Rect %I 56 679 168 707
End
Begin %I Text
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
[1 0 0 1 64 699.5] concat
%I t 1 0 0 1 64 699.5
%I /etc/hosts.equiv
[
(/etc/hosts.equiv)
] Text
End
End %I eop
Begin %I Pict
%I b u
%I f u
%I p u
[1 0 0 1 238 0] concat
%I t 1 0 0 1 238 0
Begin %I Rect
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
1 SetP %I p 0
%I t u
63 721 126 749 Rect %I 63 721 126 749
End
Begin %I Text
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
[1 0 0 1 70.5 741.5] concat
%I t 1 0 0 1 70.5 741.5
%I /.rhosts
[
(/.rhosts)
] Text
End
End %I eop
Begin %I Pict
%I b u
%I f u
%I p u
[1 0 0 1 28 -224] concat
%I t 1 0 0 1 28 -224
Begin %I Rect
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
1 SetP %I p 0
%I t u
343 805 420 833 Rect %I 343 805 420 833
End
Begin %I Text
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
[1 0 0 1 351.5 825.5] concat
%I t 1 0 0 1 351.5 825.5
%I ~/.forward
[
(~/.forward)
] Text
End
End %I eop
Begin %I Pict
%I b u
%I f u
%I p u
[1 0 0 1 112 -175] concat
%I t 1 0 0 1 112 -175
Begin %I Rect
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
1 SetP %I p 0
%I t u
350 756 420 784 Rect %I 350 756 420 784
End
Begin %I Text
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
[1 0 0 1 358 776.5] concat
%I t 1 0 0 1 358 776.5
%I ~/.rhosts
[
(~/.rhosts)
] Text
End
End %I eop
Begin %I Rect
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
%I t u
63 742 63 742 Rect %I 63 742 63 742
End
Begin %I Pict
%I b u
%I f u
%I p u
[1 0 0 1 252 -175] concat
%I t 1 0 0 1 252 -175
Begin %I Rect
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
1 SetP %I p 0
%I t u
175 616 231 644 Rect %I 175 616 231 644
End
Begin %I Text
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
[1 0 0 1 182 636.5] concat
%I t 1 0 0 1 182 636.5
%I Phase 1
[
(Phase 1)
] Text
End
End %I eop
Begin %I Pict
%I b u
%I f u
%I p u
[1 0 0 1 259 -176] concat
%I t 1 0 0 1 259 -176
Begin %I Rect
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
1 SetP %I p 0
[1 0 0 1 0 0.5] concat
%I t 1 0 0 1 0 0.5
168 574 224 602 Rect %I 168 574 224 602
End
Begin %I Text
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
[1 0 0 1 175 595] concat
%I t 1 0 0 1 175 595
%I Phase 2
[
(Phase 2)
] Text
End
End %I eop
Begin %I Pict
%I b u
%I f u
%I p u
[1 0 0 1 378 -42] concat
%I t 1 0 0 1 378 -42
Begin %I Rect
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
1 SetP %I p 0
%I t u
105 700 189 728 Rect %I 105 700 189 728
End
Begin %I Text
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
[1 0 0 1 114 720.5] concat
%I t 1 0 0 1 114 720.5
%I /etc/passwd
[
(/etc/passwd)
] Text
End
End %I eop
Begin %I Pict
%I b u
%I f u
%I p u
[1 0 0 1 -2 -4] concat
%I t 1 0 0 1 -2 -4
Begin %I Rect
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
1 SetP %I p 0
[1 0 0 1 2 4] concat
%I t 1 0 0 1 2 4
231 350 357 399 Rect %I 231 350 357 399
End
Begin %I Text
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
[1 0 0 1 245 385] concat
%I t 1 0 0 1 245 385
%I Guessed Passwords
[
(Guessed Passwords)
] Text
End
End %I eop
Begin %I Pict
%I b u
%I f u
%I p u
[1 0 0 1 252 -175] concat
%I t 1 0 0 1 252 -175
Begin %I Rect
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
1 SetP %I p 0
%I t u
175 532 231 560 Rect %I 175 532 231 560
End
Begin %I Text
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
[1 0 0 1 182 552.5] concat
%I t 1 0 0 1 182 552.5
%I Phase 3
[
(Phase 3)
] Text
End
End %I eop
Begin %I Pict
%I b u
%I f u
%I p u
[1 0 0 1 -35 -301] concat
%I t 1 0 0 1 -35 -301
Begin %I Rect
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
1 SetP %I p 0
%I t u
546 658 651 686 Rect %I 546 658 651 686
End
Begin %I Text
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
[1 0 0 1 553.5 678.5] concat
%I t 1 0 0 1 553.5 678.5
%I /usr/dict/words
[
(/usr/dict/words)
] Text
End
End %I eop
Begin %I Pict
%I b u
%I f u
%I p u
[1 0 0 1 0 -1] concat
%I t 1 0 0 1 0 -1
Begin %I Rect
[] 0 1 1 1 SetB %I b 65535 1 1 1
/Courier 10 SetF %I f 6x13 Courier 10
1 SetP %I p 0
[1.16667 0 0 1 4.66669 -90.5] concat
%I t 1.16667 0 0 1 4.66669 -90.5
434 490 518 518 Rect %I 434 490 518 518
End
Begin %I Text
[] 0 1 1 1 SetB %I b 65535 1 1 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
[1 0 0 1 518 420] concat
%I t 1 0 0 1 518 420
%I Internal Words
[
(Internal Words)
] Text
End
End %I eop
Begin %I Pict
%I b u
%I f u
%I p u
%I t u
Begin %I Rect
[] 0 1 1 1 SetB %I b 65535 1 1 1
/Courier 10 SetF %I f 6x13 Courier 10
1 SetP %I p 0
%I t u
511 441 616 469 Rect %I 511 441 616 469
End
Begin %I Text
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
[1 0 0 1 518.5 461.5] concat
%I t 1 0 0 1 518.5 461.5
%I Obvious Guesses
[
(Obvious Guesses)
] Text
End
End %I eop
Begin %I Pict
%I b u
%I f u
%I p u
[1 0 0 1 14 -14] concat
%I t 1 0 0 1 14 -14
Begin %I Rect
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
1 SetP %I p 0
[1 0 0 1 7 35] concat
%I t 1 0 0 1 7 35
203 217 280 245 Rect %I 203 217 280 245
End
Begin %I Text
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
[1 0 0 1 227.5 272.5] concat
%I t 1 0 0 1 227.5 272.5
%I Hit rsh
[
(Hit rsh)
] Text
End
End %I eop
Begin %I Pict
%I b u
%I f u
%I p u
[1 0 0 1 -153 20] concat
%I t 1 0 0 1 -153 20
Begin %I Rect
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
1 SetP %I p 0
[1 0 0 1 -1.5 0.5] concat
%I t 1 0 0 1 -1.5 0.5
203 217 280 245 Rect %I 203 217 280 245
End
Begin %I Text
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
[1 0 0 1 210 238] concat
%I t 1 0 0 1 210 238
%I Hit finger
[
(Hit finger)
] Text
End
End %I eop
Begin %I Pict
%I b u
%I f u
%I p u
[1 0 0 1 -70 49] concat
%I t 1 0 0 1 -70 49
Begin %I Rect
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
1 SetP %I p 0
[1 0 0 1 7 -28] concat
%I t 1 0 0 1 7 -28
203 217 280 245 Rect %I 203 217 280 245
End
Begin %I Text
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
[1 0 0 1 224.5 209.5] concat
%I t 1 0 0 1 224.5 209.5
%I Hit SMTP
[
(Hit SMTP)
] Text
End
End %I eop
Begin %I Pict
%I b u
%I f u
%I p u
[1 0 0 1 -161 469] concat
%I t 1 0 0 1 -161 469
Begin %I Rect
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
1 SetP %I p 0
[1 0 0 1 0 -56] concat
%I t 1 0 0 1 0 -56
203 217 280 245 Rect %I 203 217 280 245
End
Begin %I Text
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
[1 0 0 1 220.5 181.5] concat
%I t 1 0 0 1 220.5 181.5
%I if_init
[
(if_init)
] Text
End
End %I eop
Begin %I Pict
%I b u
%I f u
%I p u
[1 0 0 1 -168 608] concat
%I t 1 0 0 1 -168 608
Begin %I Rect
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
1 SetP %I p 0
[1 0 0 1 -0.5 0.5] concat
%I t 1 0 0 1 -0.5 0.5
196 112 301 140 Rect %I 196 112 301 140
End
Begin %I Text
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
[1 0 0 1 203 133] concat
%I t 1 0 0 1 203 133
%I Interface Table
[
(Interface Table)
] Text
End
End %I eop
Begin %I Pict
%I b u
%I f u
%I p u
[1 0 0 1 -161 469] concat
%I t 1 0 0 1 -161 469
Begin %I Rect
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
1 SetP %I p 0
[1 0 0 1 126 -56] concat
%I t 1 0 0 1 126 -56
203 217 280 245 Rect %I 203 217 280 245
End
Begin %I Text
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
[1 0 0 1 346.5 181.5] concat
%I t 1 0 0 1 346.5 181.5
%I rt_init
[
(rt_init)
] Text
End
End %I eop
Begin %I Pict
%I b u
%I f u
%I p u
[1 0 0 1 -161 602] concat
%I t 1 0 0 1 -161 602
Begin %I Rect
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
1 SetP %I p 0
%I t u
322 119 413 147 Rect %I 322 119 413 147
End
Begin %I Text
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
0 SetP %I p 65535
[1 0 0 1 328.5 139.5] concat
%I t 1 0 0 1 328.5 139.5
%I Routing Table
[
(Routing Table)
] Text
End
End %I eop
Begin %I Text
[] 0 1 0 1 SetB %I b 65535 1 0 1
/Courier 10 SetF %I f 6x13 Courier 10
1 SetP %I p 0
[1 0 0 1 336 112] concat
%I t 1 0 0 1 336 112
%I (netstat)
[
(\(netstat\))
] Text
End
End %I eop
%%Trailer
showpage
@endspecial
t-rom.300 @sf
582 2571 p (Figure) s
10 r (1:) s
13 r (The) s
11 r (structure) s
10 r (of) s
10 r (the) s
10 r (attacking) s
9 r (engine.) s
954 2842 p (10) s
@eop
11 @bop0
cmr7.300 @sf
[<0C001E001E001E001E000E000E000E00070007000300018000C0C0C0C060E0307FF87FFC7FFC6000> 14 20 -2 0 17] 55 @dc
[<0FC03FF07838E018E01CE01CE03C70FC3BF81FF01FC03FE07E7078387038703838701FE00FC0> 14 19 -1 0 17] 56 @dc
[<1F003FC070E0787078783038003C1FBC3FFC707CF03CF03CF03CF03CF038703838701FE00FC0> 14 19 -1 0 17] 57 @dc
cmr6.300 @sf
[<08001C001C001C001C001C000C000C000E0006000300C180C1807FC07FE07FE06000> 11 17 -2 0 15] 55 @dc
[<1F003F8071C0E0E0E0E0E0E073E03FC01F803F8079C071C071C071C03F801F00> 11 16 -1 0 15] 56 @dc
[<3E007F00738071C000C008E03FE07FE0E1E0E0E0E0E0E0E0E0C071C03F801F00> 11 16 -1 0 15] 57 @dc
11 @bop1
t-rom.300 @sf
-36 96 p (stream) s
8 r (connection,) s
8 r (instead) s
9 r (of) s
8 r 97 c
9 r (UDP) s
9 r (datagram) s
9 r (socket.) s
cmr7.300 @sf
851 82 p 55 c
t-rom.300 @sf
883 96 p 87 c
-2 r 101 c
-36 146 p (have) s
8 r (no) s
8 r (explanation) s
7 r (for) s
8 r (this;) s
8 r (it) s
8 r (only) s
7 r (tries) s
9 r (to) s
8 r (send) s
8 r (this) s
8 r (packet) s
-36 196 p (with) s
8 r 97 c
10 r (one) s
11 r (in) s
9 r 174 c
(fteen) s
11 r (random) s
10 r (chance.) s
t-bol.300 @sf
-36 310 p (A.3.2) s
40 r (Main) s
16 r (loop) s
t-rom.300 @sf
-36 390 p (An) s
12 r (in) s
174 c
(nite) s
13 r (loop) s
13 r (comprises) s
14 r (the) s
14 r (main) s
14 r (active) s
14 r (component) s
14 r (of) s
-36 439 p (the) s
7 r (virus.) s
13 r (It) s
9 r (calls) s
9 r (the) s
t-ita.300 @sf
9 r (cracksome) s
t-rom.300 @sf
10 r (routine) s
cmr7.300 @sf
614 425 p 56 c
t-rom.300 @sf
640 439 p (which) s
9 r (tries) s
9 r (to) s
8 r 174 c
(nd) s
-36 489 p (some) s
8 r (hosts) s
9 r (that) s
8 r (it) s
8 r (can) s
10 r (break) s
9 r (in) s
8 r (to.) s
13 r (Then) s
9 r (it) s
9 r (waits) s
8 r (30) s
9 r (seconds,) s
-36 539 p (list) s
-1 r (ening) s
12 r (for) s
13 r (other) s
14 r (virus) s
13 r (programs) s
14 r (attempting) s
13 r (to) s
13 r (break) s
15 r (in,) s
-36 589 p (and) s
9 r (tries) s
10 r (to) s
9 r (break) s
11 r (into) s
9 r (another) s
10 r (batch) s
10 r (of) s
10 r (machines.) s
4 639 p (After) s
7 r (this) s
6 r (round) s
6 r (of) s
7 r (attacks,) s
8 r (it) s
7 r (forks,) s
7 r (creating) s
7 r (two) s
7 r (copies) s
7 r (of) s
-36 689 p (the) s
9 r (virus;) s
9 r (the) s
11 r (original) s
9 r (\(parent\)) s
10 r (dies,) s
11 r (leaving) s
10 r (the) s
10 r (fresh) s
11 r (copy) s
-2 r 46 c
-36 739 p (The) s
13 r (child) s
14 r (copy) s
14 r (has) s
15 r (all) s
13 r (of) s
14 r (the) s
15 r (information) s
12 r (the) s
14 r (parent) s
14 r (had,) s
-36 789 p (whil) s
-1 r 101 c
8 r (not) s
8 r (having) s
8 r (the) s
9 r (accumulated) s
10 r (CPU) s
8 r (usage) s
10 r (of) s
9 r (the) s
8 r (parent.) s
-36 839 p (It) s
9 r (also) s
9 r (has) s
11 r 97 c
11 r (new) s
11 r (process) s
10 r (id,) s
10 r (making) s
10 r (it) s
10 r (hard) s
10 r (to) s
10 r 174 c
(nd.) s
4 889 p (Next,) s
12 r (the) s
t-ita.300 @sf
12 r (hg) s
t-rom.300 @sf
44 c
t-ita.300 @sf
12 r (hl) s
t-rom.300 @sf
44 c
11 r (and) s
t-ita.300 @sf
12 r (ha) s
t-rom.300 @sf
11 r (routines) s
11 r (search) s
13 r (for) s
11 r (machines) s
12 r (to) s
-36 939 p (infect) s
10 r (\(see) s
12 r (Appendix) s
10 r (A.5\).) s
18 r (The) s
12 r (program) s
12 r (sleeps) s
12 r (for) s
11 r 50 c
11 r (min-) s
-36 989 p (utes,) s
9 r (and) s
10 r (then) s
10 r (checks) s
11 r (to) s
10 r (see) s
11 r (if) s
10 r (it) s
9 r (has) s
11 r (been) s
10 r (running) s
9 r (for) s
9 r (more) s
-36 1039 p (than) s
11 r (12) s
12 r (hours,) s
13 r (cleaning) s
13 r (up) s
12 r (some) s
13 r (of) s
13 r (the) s
12 r (entries) s
13 r (in) s
12 r (the) s
12 r (host) s
-36 1089 p (list) s
8 r (if) s
9 r (it) s
10 r (has.) s
4 1139 p (Finally) s
-2 r 44 c
15 r (before) s
16 r (repeating,) s
17 r (it) s
15 r (checks) s
17 r (the) s
15 r (global) s
15 r (variable) s
c-med.300 @sf
-36 1189 p (pleasequit) s
t-rom.300 @sf
46 c
14 r (If) s
11 r (it) s
11 r (is) s
10 r (set,) s
t-ita.300 @sf
12 r (and) s
t-rom.300 @sf
11 r (if) s
11 r (it) s
10 r (has) s
11 r (tried) s
11 r (more) s
11 r (than) s
11 r (10) s
-36 1239 p (words) s
10 r (from) s
11 r (its) s
11 r (own) s
11 r (dictionary) s
10 r (against) s
11 r (existing) s
10 r (passwords,) s
-36 1289 p (it) s
12 r (quit) s
-1 r (s.) s
21 r (Thus) s
14 r (forcing) s
c-med.300 @sf
12 r (pleasequit) s
t-rom.300 @sf
12 r (to) s
12 r (be) s
14 r (set) s
13 r (in) s
13 r (the) s
13 r (sys-) s
-36 1338 p (tem) s
10 r (libraries) s
10 r (will) s
10 r (do) s
11 r (very) s
11 r (little) s
9 r (to) s
11 r (stem) s
12 r (the) s
11 r (progress) s
11 r (of) s
10 r (this) s
-36 1388 p (viru) s
-1 r 115 c
cmr7.300 @sf
47 1374 p 57 c
t-rom.300 @sf
64 1388 p 46 c
t-bol.360 @sf
-36 1511 p (A.4) s
49 r (Cracking) s
18 r 114 c
(outines) s
t-rom.300 @sf
-36 1590 p (This) s
18 r (collection) s
18 r (of) s
20 r (routines) s
18 r (is) s
20 r (the) s
19 r 96 c
-2 r (`brain') s
-3 r 39 c
17 r (of) s
20 r (the) s
19 r (virus.) s
t-ita.300 @sf
-36 1640 p (cracksome) s
t-rom.300 @sf
44 c
12 r (the) s
12 r (main) s
12 r (switch,) s
11 r (chooses) s
12 r (which) s
12 r (of) s
11 r (four) s
11 r (strate-) s
-36 1690 p (gies) s
10 r (to) s
11 r (execute.) s
18 r (It) s
11 r (is) s
11 r (would) s
10 r (be) s
12 r (the) s
11 r (central) s
12 r (point) s
10 r (for) s
10 r (adding) s
-36 1740 p (new) s
17 r (strategies) s
18 r (if) s
18 r (the) s
18 r (virus) s
17 r (were) s
19 r (to) s
18 r (be) s
18 r (further) s
17 r (extended.) s
-36 1790 p (The) s
17 r (virus) s
16 r (works) s
18 r (each) s
18 r (strategy) s
17 r (through) s
16 r (completely) s
-2 r 44 c
19 r (then) s
-36 1839 p (switches) s
12 r (to) s
13 r (the) s
13 r (next) s
13 r (one.) s
23 r (Each) s
14 r (pass) s
14 r (through) s
11 r (the) s
14 r (cracking) s
-36 1889 p (rout) s
-1 r (ines) s
7 r (only) s
8 r (performs) s
8 r 97 c
9 r (small) s
9 r (amount) s
8 r (of) s
9 r (work,) s
8 r (but) s
8 r (enough) s
-36 1939 p (state) s
10 r (is) s
11 r (remembered) s
13 r (in) s
10 r (each) s
12 r (pass) s
12 r (to) s
11 r (continue) s
10 r (the) s
11 r (next) s
11 r (time) s
-36 1989 p (around.) s
t-bol.300 @sf
-36 2103 p (A.4.1) s
40 r (cracksome) s
t-rom.300 @sf
-36 2183 p (The) s
t-ita.300 @sf
13 r (cracksome) s
t-rom.300 @sf
15 r (routine) s
13 r (is) s
13 r (the) s
14 r (central) s
13 r (switching) s
13 r (routine) s
12 r (of) s
-36 2232 p (the) s
10 r (cracking) s
11 r (code.) s
18 r (It) s
11 r (decides) s
12 r (which) s
11 r (of) s
11 r (the) s
11 r (cracking) s
12 r (strate-) s
-36 2282 p (gies) s
12 r (is) s
14 r (actually) s
13 r (exercised) s
15 r (next.) s
24 r (Again,) s
14 r (note) s
13 r (that) s
14 r (this) s
12 r (rou-) s
-36 2332 p (tin) s
-1 r 101 c
12 r (was) s
14 r (named) s
14 r (in) s
12 r (the) s
13 r (global) s
12 r (symbol) s
13 r (table.) s
22 r (It) s
13 r (could) s
12 r (have) s
-36 2382 p (been) s
8 r (given) s
8 r 97 c
9 r (confusing) s
8 r (or) s
8 r (random) s
9 r (name,) s
10 r (but) s
8 r (it) s
8 r (was) s
9 r (actually) s
-36 2432 p (clearly) s
7 r (labelled,) s
10 r (which) s
8 r (lends) s
9 r (some) s
9 r (credence) s
11 r (to) s
8 r (the) s
9 r (idea) s
9 r (that) s
-36 2482 p (the) s
9 r (virus) s
9 r (was) s
11 r (released) s
11 r (prematurely) s
-2 r 46 c
-36 2520 p 390 2 ru
cmr6.300 @sf
5 2548 p 55 c
t-rom.240 @sf
22 2559 p (If) s
9 r (the) s
9 r (author) s
8 r (had) s
8 r (been) s
7 r (as) s
9 r (careful) s
8 r (with) s
9 r (error) s
9 r (checking) s
7 r (here) s
8 r (as) s
8 r (he) s
9 r (tried) s
-36 2598 p (to) s
10 r (be) s
9 r (elsewhere,) s
11 r (he) s
10 r (would) s
10 r (have) s
9 r (noted) s
10 r (the) s
10 r (error) s
11 r 96 c
-1 r (`sock) s
-1 r (et) s
9 r (not) s
10 r (connected') s
-3 r 39 c
-36 2638 p (every) s
6 r (time) s
8 r (this) s
8 r (routine) s
8 r (is) s
8 r (invoked.) s
cmr6.300 @sf
5 2666 p 56 c
t-rom.240 @sf
22 2677 p (This) s
9 r (name) s
7 r (was) s
8 r (actually) s
7 r (in) s
8 r (the) s
8 r (symbol) s
7 r (table) s
8 r (of) s
8 r (the) s
8 r (distributed) s
7 r (binary!) s
cmr6.300 @sf
5 2706 p 57 c
t-rom.240 @sf
22 2717 p (Although) s
7 r (it) s
9 r (was) s
8 r (suggested) s
6 r (very) s
7 r (early) s
8 r 91 c
(20) s
-1 r (].) s
t-bol.300 @sf
1012 96 p (A.4.2) s
42 r (Phase) s
17 r 48 c
t-rom.300 @sf
1012 176 p (The) s
18 r 174 c
(rst) s
17 r (phase) s
18 r (of) s
17 r (the) s
t-ita.300 @sf
17 r (cracksome) s
t-rom.300 @sf
18 r (routines) s
16 r (reads) s
18 r (through) s
1012 226 p (the) s
c-med.300 @sf
10 r (/etc/hosts.equiv) s
8 r t-rom.300 @sf
174 c
(le) s
9 r (to) s
9 r 174 c
(nd) s
9 r (machine) s
11 r (names) s
10 r (that) s
1012 276 p (would) s
9 r (be) s
9 r (likely) s
8 r (tar) s
(gets.) s
13 r (While) s
9 r (this) s
8 r 174 c
(le) s
10 r (indicates) s
9 r (what) s
9 r (hosts) s
1012 326 p (the) s
12 r (current) s
11 r (machine) s
12 r (trusts,) s
11 r (it) s
11 r (is) s
11 r (fairly) s
11 r (common) s
12 r (to) s
10 r 174 c
(nd) s
12 r (sys-) s
1012 375 p (tems) s
14 r (where) s
13 r (all) s
13 r (machines) s
14 r (in) s
12 r 97 c
14 r (cluster) s
13 r (trust) s
12 r (each) s
14 r (other) s
-1 r 44 c
13 r (and) s
1012 425 p (at) s
16 r (the) s
14 r (very) s
15 r (least) s
15 r (it) s
14 r (is) s
15 r (likely) s
14 r (that) s
14 r (people) s
15 r (with) s
14 r (accounts) s
15 r (on) s
1012 475 p (this) s
7 r (machine) s
8 r (will) s
6 r (have) s
8 r (accounts) s
7 r (on) s
7 r (the) s
7 r (other) s
7 r (machines) s
8 r (men-) s
1012 525 p (tioned) s
10 r (in) s
c-med.300 @sf
9 r (/etc/hosts.equiv) s
t-rom.300 @sf
46 c
1054 576 p (It) s
13 r (also) s
14 r (reads) s
15 r (the) s
c-med.300 @sf
13 r (/.rhosts) s
14 r t-rom.300 @sf
174 c
(le,) s
15 r (which) s
13 r (lists) s
13 r (the) s
14 r (set) s
14 r (of) s
1012 626 p (machines) s
15 r (that) s
13 r (this) s
13 r (machine) s
14 r (trusts) s
13 r (root) s
13 r (access) s
16 r (from.) s
24 r (Note) s
1012 675 p (that) s
14 r (it) s
14 r (does) s
14 r (not) s
14 r (take) s
14 r (advantage) s
15 r (of) s
14 r (the) s
14 r (trust) s
13 r (itself) s
14 r 91 c
(21) s
-1 r 93 c
14 r (but) s
1012 725 p (merely) s
15 r (uses) s
14 r (the) s
13 r (names) s
15 r (as) s
15 r 97 c
14 r (list) s
12 r (of) s
14 r (additional) s
12 r (machines) s
14 r (to) s
1012 775 p (attack.) s
14 r (Often,) s
7 r (system) s
8 r (managers) s
8 r (will) s
6 r (deny) s
7 r (read) s
8 r (access) s
9 r (to) s
6 r (this) s
1012 825 p 174 c
(le) s
9 r (to) s
9 r (any) s
8 r (user) s
9 r (other) s
8 r (than) s
9 r (root) s
7 r (itself,) s
9 r (to) s
8 r (avoid) s
8 r (providing) s
7 r (any) s
1012 875 p (easy) s
13 r (list) s
10 r (of) s
11 r (secondary) s
11 r (tar) s
(gets) s
10 r (that) s
11 r (could) s
11 r (be) s
11 r (used) s
12 r (to) s
10 r (subvert) s
1012 925 p (the) s
13 r (machine;) s
13 r (this) s
12 r (practice) s
13 r (would) s
11 r (have) s
13 r (prevented) s
12 r (the) s
12 r (virus) s
1012 974 p (from) s
7 r (discovering) s
6 r (those) s
7 r (names,) s
9 r (although) s
c-med.300 @sf
5 r (/.rhosts) s
t-rom.300 @sf
7 r (is) s
7 r (very) s
1012 1024 p (often) s
10 r 97 c
11 r (subset) s
10 r (of) s
c-med.300 @sf
10 r (/etc/hosts.equiv) s
t-rom.300 @sf
46 c
1054 1075 p (The) s
16 r (program) s
15 r (then) s
15 r (reads) s
16 r (the) s
15 r (entire) s
15 r (local) s
15 r (password) s
15 r 174 c
(le,) s
c-med.300 @sf
1012 1125 p (/etc/passwd) s
t-rom.300 @sf
46 c
21 r (It) s
12 r (uses) s
13 r (this) s
12 r (to) s
12 r 174 c
(nd) s
12 r (personal) s
c-med.300 @sf
12 r (.forward) s
1012 1175 p t-rom.300 @sf
174 c
(les,) s
12 r (and) s
11 r (reads) s
11 r (them) s
11 r (in) s
11 r (search) s
12 r (of) s
10 r (names) s
12 r (of) s
10 r (other) s
11 r (machines) s
1012 1225 p (it) s
18 r (can) s
19 r (attack.) s
38 r (It) s
18 r (also) s
18 r (records) s
19 r (the) s
18 r (user) s
18 r (name,) s
22 r (encrypted) s
1012 1274 p (password,) s
22 r (and) s
t-ita.300 @sf
18 r (GECOS) s
t-rom.300 @sf
19 r (information) s
17 r (string,) s
19 r (all) s
19 r (of) s
18 r (which) s
1012 1324 p (are) s
15 r (stored) s
14 r (in) s
13 r (the) s
c-med.300 @sf
14 r (/etc/passwd) s
13 r t-rom.300 @sf
174 c
(le.) s
25 r (Once) s
15 r (the) s
14 r (program) s
1012 1374 p (scanned) s
12 r (the) s
10 r (entire) s
10 r 174 c
(le,) s
10 r (it) s
10 r (advanced) s
11 r (to) s
10 r (Phase) s
11 r (1.) s
t-bol.300 @sf
1012 1491 p (A.4.3) s
42 r (Phase) s
17 r 49 c
t-rom.300 @sf
1012 1571 p (This) s
11 r (phase) s
11 r (of) s
11 r (the) s
10 r (cracking) s
11 r (code) s
11 r (attacked) s
11 r (passwords) s
10 r (on) s
11 r (the) s
1012 1621 p (local) s
13 r (machine.) s
23 r (It) s
13 r (chose) s
13 r (several) s
14 r (likely) s
12 r (passwords) s
13 r (for) s
12 r (each) s
1012 1671 p (user) s
-1 r 44 c
11 r (which) s
11 r (were) s
12 r (then) s
10 r (encrypted) s
11 r (and) s
11 r (compared) s
11 r (against) s
11 r (the) s
1012 1721 p (encryptions) s
10 r (obtained) s
9 r (in) s
10 r (Phase) s
11 r 48 c
10 r (from) s
c-med.300 @sf
10 r (/etc/passwd) s
t-rom.300 @sf
58 c
cmsy10.300 @sf
1054 1772 p 15 c
t-rom.300 @sf
20 r (No) s
11 r (password) s
10 r (at) s
10 r (all.) s
cmsy10.300 @sf
1054 1821 p 15 c
t-rom.300 @sf
20 r (The) s
11 r (user) s
11 r (name) s
11 r (itself.) s
cmsy10.300 @sf
1054 1871 p 15 c
t-rom.300 @sf
20 r (The) s
11 r (user) s
11 r (name) s
11 r (appended) s
11 r (to) s
9 r (itself.) s
cmsy10.300 @sf
1054 1921 p 15 c
t-rom.300 @sf
20 r (The) s
11 r (second) s
10 r (of) s
9 r (the) s
10 r (comma) s
11 r (separated) s
t-ita.300 @sf
11 r (GECOS) s
t-rom.300 @sf
9 r (informa-) s
1095 1971 p (tion) s
9 r 174 c
(elds,) s
11 r (which) s
10 r (is) s
10 r (commonly) s
10 r 97 c
11 r (nickname.) s
cmsy10.300 @sf
1054 2021 p 15 c
t-rom.300 @sf
20 r (The) s
12 r (remainder) s
12 r (of) s
11 r (the) s
11 r (full) s
10 r (name) s
12 r (after) s
11 r (the) s
11 r 174 c
(rst) s
11 r (name) s
12 r (in) s
1095 2070 p (the) s
t-ita.300 @sf
14 r (GECOS) s
14 r t-rom.300 @sf
174 c
(elds,) s
16 r (i.e.) s
26 r (probably) s
12 r (the) s
14 r (last) s
14 r (name,) s
17 r (with) s
1095 2120 p (the) s
11 r 174 c
(rst) s
10 r (letter) s
9 r (converted) s
10 r (to) s
10 r (lower) s
10 r (case.) s
cmsy10.300 @sf
1054 2170 p 15 c
t-rom.300 @sf
20 r (This) s
11 r 96 c
-2 r (`last) s
8 r (name') s
-2 r 39 c
10 r (reversed.) s
1054 2221 p (All) s
14 r (of) s
15 r (these) s
15 r (attacks) s
15 r (are) s
16 r (applied) s
14 r (to) s
14 r 174 c
(fty) s
14 r (passwords) s
15 r (at) s
15 r 97 c
1012 2271 p (time) s
13 r (from) s
12 r (those) s
12 r (collected) s
12 r (in) s
12 r (Phase) s
13 r (0.) s
20 r (Once) s
13 r (it) s
11 r (had) s
13 r (tried) s
11 r (to) s
1012 2321 p (guess) s
14 r (the) s
13 r (passwords) s
13 r (for) s
13 r (all) s
13 r (local) s
13 r (accounts,) s
15 r (it) s
12 r (advanced) s
14 r (to) s
1012 2371 p (Phase) s
12 r (2.) s
t-bol.300 @sf
1012 2488 p (A.4.4) s
42 r (Phase) s
17 r 50 c
t-rom.300 @sf
1012 2568 p (Phase) s
16 r 50 c
15 r (takes) s
15 r (the) s
14 r (internal) s
14 r (word) s
14 r (list) s
13 r (distribut) s
-1 r (ed) s
13 r (as) s
16 r (part) s
14 r (of) s
1012 2617 p (the) s
14 r (virus) s
14 r (\(see) s
15 r (Appendix) s
13 r (B\)) s
14 r (and) s
14 r (shuf) s
175 c
(es) s
13 r (it.) s
25 r (Then) s
15 r (it) s
13 r (takes) s
1012 2667 p (the) s
13 r (words) s
12 r (one) s
13 r (at) s
13 r 97 c
13 r (time) s
13 r (and) s
13 r (decodes) s
13 r (them) s
13 r (\(the) s
12 r (high) s
12 r (bit) s
12 r (is) s
1012 2717 p (set) s
11 r (on) s
11 r (all) s
10 r (of) s
11 r (the) s
10 r (characters) s
12 r (to) s
11 r (obscure) s
11 r (them\)) s
10 r (and) s
11 r (tries) s
10 r (them) s
955 2842 p 49 c
-1 r 49 c
@eop
12 @bop0
12 @bop1
t-rom.300 @sf
-36 96 p (against) s
9 r (all) s
11 r (collected) s
11 r (passwords.) s
17 r (It) s
11 r (maintains) s
10 r 97 c
12 r (global) s
10 r (vari-) s
-36 146 p (able) s
c-med.300 @sf
8 r (nextw) s
t-rom.300 @sf
9 r (as) s
10 r (an) s
9 r (index) s
9 r (into) s
8 r (this) s
8 r (table.) s
14 r (The) s
10 r (main) s
9 r (loop) s
8 r (uses) s
-36 196 p (thi) s
-1 r 115 c
7 r (to) s
7 r (prevent) s
c-med.300 @sf
8 r (pleasequit) s
t-rom.300 @sf
7 r (from) s
8 r (causing) s
8 r (the) s
8 r (virus) s
7 r (to) s
7 r (exit) s
-36 246 p (unti) s
-1 r 108 c
7 r (at) s
9 r (least) s
10 r (ten) s
9 r (of) s
9 r (the) s
9 r (words) s
9 r (have) s
10 r (been) s
10 r (checked) s
10 r (against) s
9 r (all) s
-36 295 p (of) s
8 r (the) s
11 r (encryptions) s
9 r (in) s
9 r (the) s
10 r (collected) s
11 r (list.) s
4 345 p (Again,) s
8 r (when) s
7 r (the) s
7 r (word) s
6 r (list) s
6 r (is) s
7 r (exhausted) s
7 r (the) s
7 r (virus) s
6 r (advances) s
-36 395 p (to) s
8 r (Phase) s
11 r (3.) s
t-bol.300 @sf
-36 504 p (A.4.5) s
40 r (Phase) s
17 r 51 c
t-rom.300 @sf
-36 581 p (Phase) s
18 r 51 c
18 r (looks) s
18 r (at) s
18 r (the) s
19 r (local) s
c-med.300 @sf
18 r (/usr/dict/words) s
17 r t-rom.300 @sf
174 c
(le,) s
21 r 97 c
-36 631 p (24474) s
8 r (word) s
11 r (list) s
9 r (distributed) s
9 r (with) s
10 r (4.3BSD) s
11 r (\(and) s
10 r (other) s
11 r (UNIX) s
-36 681 p (systems\)) s
11 r (as) s
13 r 97 c
13 r (spelling) s
11 r (dictionary) s
-3 r 46 c
19 r (The) s
12 r (words) s
12 r (are) s
13 r (stored) s
12 r (in) s
-36 731 p (thi) s
-1 r 115 c
15 r 174 c
(le) s
16 r (one) s
16 r (word) s
16 r (per) s
16 r (line.) s
31 r (One) s
17 r (word) s
15 r (at) s
17 r 97 c
16 r (time) s
16 r (is) s
16 r (tried) s
-36 781 p (against) s
12 r (all) s
14 r (encrypted) s
13 r (passwords.) s
25 r (If) s
14 r (the) s
14 r (word) s
13 r (begins) s
14 r (with) s
-36 830 p (an) s
14 r (upper) s
14 r (case) s
16 r (letter) s
-1 r 44 c
15 r (the) s
15 r (letter) s
14 r (is) s
15 r (converted) s
14 r (to) s
15 r (lower) s
14 r (case) s
-36 880 p (and) s
9 r (the) s
10 r (word) s
10 r (is) s
10 r (tried) s
9 r (again.) s
4 930 p (When) s
10 r (the) s
11 r (dictionary) s
8 r (runs) s
10 r (out,) s
10 r (the) s
10 r (phase) s
11 r (counter) s
10 r (is) s
10 r (again) s
-36 980 p (advanced) s
20 r (to) s
19 r 52 c
21 r (\(thus) s
19 r (no) s
20 r (more) s
21 r (password) s
20 r (cracking) s
21 r (is) s
20 r (at-) s
-36 1030 p (tempted\).) s
t-bol.360 @sf
-36 1147 p (A.5) s
49 r 72 c
18 r 114 c
(outines) s
t-rom.300 @sf
-36 1224 p (The) s
16 r 96 c
-2 r (`h) s
14 r (routines') s
-2 r 39 c
14 r (are) s
18 r 97 c
16 r (collection) s
16 r (of) s
16 r (routines) s
15 r (with) s
15 r (short) s
-36 1274 p (names,) s
15 r (such) s
14 r (as) s
t-ita.300 @sf
14 r (hg) s
t-rom.300 @sf
44 c
t-ita.300 @sf
15 r (ha) s
t-rom.300 @sf
44 c
t-ita.300 @sf
15 r (hi) s
t-rom.300 @sf
44 c
14 r (and) s
t-ita.300 @sf
14 r (hl) s
t-rom.300 @sf
44 c
15 r (which) s
13 r (search) s
15 r (for) s
13 r (other) s
-36 1324 p (hosts) s
8 r (to) s
10 r (attack.) s
t-bol.300 @sf
-36 1433 p (A.5.1) s
40 r (hg) s
t-rom.300 @sf
-36 1510 p (The) s
t-ita.300 @sf
8 r (hg) s
t-rom.300 @sf
7 r (routine) s
8 r (calls) s
t-ita.300 @sf
8 r (rt) s
2 r 13 2 ru
13 r (init) s
t-rom.300 @sf
7 r (\(if) s
7 r (it) s
8 r (has) s
9 r (not) s
7 r (already) s
9 r (been) s
9 r (called\)) s
-36 1560 p (to) s
11 r (scan) s
14 r (the) s
13 r (routing) s
12 r (table,) s
14 r (and) s
13 r (records) s
13 r (all) s
13 r (gateways) s
14 r (except) s
-36 1610 p (the) s
8 r (loopback) s
9 r (address) s
10 r (in) s
9 r 97 c
11 r (special) s
10 r (list.) s
12 r (It) s
10 r (then) s
9 r (tries) s
9 r 97 c
10 r (generic) s
-36 1660 p (attack) s
13 r (routine) s
13 r (to) s
14 r (attack) s
14 r (via) s
c-med.300 @sf
14 r (rsh) s
t-rom.300 @sf
44 c
c-med.300 @sf
16 r (finger) s
t-rom.300 @sf
44 c
15 r (and) s
15 r (SMTP) s
-4 r 46 c
14 r (It) s
-36 1710 p (returns) s
8 r (after) s
11 r (the) s
10 r 174 c
(rst) s
10 r (successful) s
11 r (attack.) s
t-bol.300 @sf
-36 1818 p (A.5.2) s
40 r (ha) s
t-rom.300 @sf
-36 1896 p (The) s
t-ita.300 @sf
10 r (ha) s
t-rom.300 @sf
11 r (routine) s
10 r (goes) s
11 r (through) s
10 r (the) s
11 r (gateway) s
11 r (list) s
10 r (and) s
11 r (connects) s
-36 1946 p (to) s
7 r (TCP) s
10 r (port) s
9 r (23,) s
9 r (the) s
10 r (telnet) s
8 r (port,) s
9 r (looking) s
8 r (for) s
9 r (gateways) s
10 r (which) s
-36 1996 p (are) s
9 r (running) s
7 r (telnet) s
9 r (listeners.) s
13 r (It) s
9 r (randomizes) s
9 r (the) s
9 r (order) s
9 r (of) s
9 r (such) s
-36 2045 p (gateways) s
8 r (and) s
9 r (calls) s
t-ita.300 @sf
10 r (hn) s
t-rom.300 @sf
8 r (\(our) s
9 r (name\)) s
10 r (with) s
8 r (the) s
8 r (network) s
9 r (number) s
-36 2095 p (of) s
9 r (each) s
12 r (gateway) s
-2 r 46 c
15 r (The) s
t-ita.300 @sf
11 r (ha) s
t-rom.300 @sf
11 r (returns) s
10 r (after) s
t-ita.300 @sf
11 r (hn) s
t-rom.300 @sf
10 r (reports) s
10 r (that) s
10 r (it) s
10 r (has) s
-36 2145 p (succeeded) s
10 r (broken) s
10 r (into) s
9 r 97 c
11 r (host.) s
t-bol.300 @sf
-36 2254 p (A.5.3) s
40 r (hl) s
t-rom.300 @sf
-36 2331 p (The) s
t-ita.300 @sf
7 r (hl) s
t-rom.300 @sf
7 r (routine) s
7 r (iterates) s
8 r (through) s
6 r (all) s
8 r (the) s
7 r (addresses) s
10 r (for) s
7 r (the) s
8 r (local) s
-36 2381 p (machine) s
10 r (calling) s
t-ita.300 @sf
10 r (hn) s
t-rom.300 @sf
10 r (with) s
10 r (the) s
10 r (network) s
10 r (number) s
11 r (for) s
10 r (each) s
12 r (one.) s
-36 2431 p (It) s
9 r (returns) s
9 r (if) s
t-ita.300 @sf
10 r (hn) s
t-rom.300 @sf
10 r (indicates) s
9 r (success) s
12 r (in) s
10 r (breaking) s
10 r (into) s
9 r 97 c
10 r (host.) s
t-bol.300 @sf
-36 2540 p (A.5.4) s
40 r (hi) s
t-rom.300 @sf
-36 2617 p (The) s
t-ita.300 @sf
11 r (hi) s
t-rom.300 @sf
12 r (routine) s
11 r (goes) s
13 r (through) s
10 r (the) s
12 r (internal) s
12 r (host) s
11 r (list) s
11 r (\(see) s
14 r (sec-) s
-36 2667 p (tio) s
-1 r 110 c
8 r (A.4.2\)) s
10 r (and) s
10 r (tries) s
10 r (to) s
9 r (attack) s
10 r (each) s
11 r (host) s
10 r (via) s
c-med.300 @sf
9 r (rsh) s
t-rom.300 @sf
44 c
c-med.300 @sf
11 r (finger) s
t-rom.300 @sf
44 c
-36 2717 p (and) s
9 r (SMTP) s
-4 r 46 c
10 r (It) s
10 r (returns) s
10 r (if) s
10 r (when) s
10 r (one) s
10 r (host) s
10 r (is) s
10 r (infected.) s
t-bol.300 @sf
1012 96 p (A.5.5) s
42 r (hn) s
t-rom.300 @sf
1012 197 p (The) s
t-ita.300 @sf
8 r (hn) s
t-rom.300 @sf
7 r (routine) s
5 r (\(our) s
7 r (name\)) s
8 r (followed) s
t-ita.300 @sf
5 r (hi) s
t-rom.300 @sf
7 r (takes) s
7 r 97 c
8 r (network) s
6 r (num-) s
1012 247 p (ber) s
14 r (as) s
13 r (an) s
13 r (ar) s
(gument.) s
22 r (Surprisingl) s
-1 r 121 c
11 r (it) s
12 r (returns) s
12 r (if) s
13 r (the) s
12 r (network) s
1012 297 p (number) s
10 r (supplied) s
9 r (is) s
10 r (the) s
10 r (same) s
11 r (as) s
11 r (the) s
10 r (network) s
9 r (number) s
10 r (of) s
10 r (any) s
1012 346 p (of) s
16 r (the) s
16 r (interfaces) s
16 r (on) s
15 r (the) s
16 r (local) s
16 r (machine.) s
31 r (For) s
16 r (Class) s
16 r 65 c
15 r (ad-) s
1012 396 p (dresses) s
14 r (it) s
12 r (uses) s
13 r (the) s
13 r (Arpanet) s
12 r (IMP) s
13 r (convention) s
11 r (to) s
12 r (create) s
14 r (pos-) s
1012 446 p (sible) s
10 r (addresses) s
11 r (to) s
9 r (attack) s
10 r (\(net.[1-8].0.[1-255]\).) s
12 r (For) s
10 r (all) s
9 r (other) s
1012 496 p (networks) s
11 r (it) s
11 r (guesses) s
13 r (hosts) s
11 r (number) s
11 r (one) s
12 r (through) s
10 r (255) s
11 r (on) s
11 r (that) s
1012 546 p (network.) s
30 r (It) s
16 r (randomizes) s
16 r (the) s
15 r (order) s
16 r (of) s
15 r (this) s
15 r (list) s
15 r (of) s
15 r (possible) s
1012 596 p (hosts) s
13 r (and) s
14 r (tries) s
12 r (to) s
13 r (attack) s
14 r (up) s
13 r (to) s
12 r (twenty) s
13 r (of) s
13 r (them) s
13 r (using) s
c-med.300 @sf
12 r (rsh) s
t-rom.300 @sf
44 c
c-med.300 @sf
1012 645 p (finger) s
t-rom.300 @sf
44 c
11 r (and) s
10 r (SMTP) s
-4 r 46 c
10 r (If) s
10 r 97 c
11 r (host) s
9 r (does) s
11 r (not) s
9 r (accept) s
11 r (connections) s
1012 695 p (on) s
11 r (TCP) s
11 r (port) s
10 r (514,) s
11 r (the) s
c-med.300 @sf
11 r (rsh) s
t-rom.300 @sf
11 r (port,) s
t-ita.300 @sf
11 r (hn) s
t-rom.300 @sf
10 r (will) s
10 r (not) s
10 r (try) s
10 r (to) s
11 r (attack) s
11 r (it.) s
1012 745 p (If) s
10 r 97 c
11 r (host) s
10 r (is) s
10 r (successfully) s
10 r (attacked) s
t-ita.300 @sf
11 r (hn) s
t-rom.300 @sf
10 r (returns.) s
t-bol.300 @sf
1012 922 p (A.5.6) s
42 r (Usage) s
t-rom.300 @sf
1012 1023 p (The) s
13 r 96 c
-2 r (`h) s
11 r (routines') s
-3 r 39 c
10 r (are) s
13 r (called) s
12 r (in) s
12 r (groups) s
11 r (in) s
12 r (the) s
11 r (main) s
13 r (loop;) s
11 r (if) s
1012 1073 p (the) s
13 r 174 c
(rst) s
12 r (routine) s
11 r (succeedes) s
14 r (in) s
12 r 174 c
(nding) s
11 r 97 c
13 r (vulnerable) s
12 r (host) s
12 r (the) s
1012 1123 p (remaining) s
11 r (routines) s
10 r (are) s
11 r (not) s
11 r (called) s
11 r (in) s
10 r (the) s
11 r (current) s
11 r (pass.) s
16 r (Each) s
1012 1173 p (routine) s
14 r (returns) s
13 r (after) s
15 r (it) s
13 r 174 c
(nds) s
14 r (one) s
15 r (vulnerable) s
13 r (host.) s
26 r (The) s
t-ita.300 @sf
15 r (hg) s
t-rom.300 @sf
1012 1223 p (routine) s
11 r (is) s
12 r (always) s
13 r (called) s
12 r 174 c
(rst,) s
13 r (which) s
12 r (indicates) s
12 r (the) s
12 r (virus) s
11 r (re-) s
1012 1272 p (ally) s
16 r (wanted) s
15 r (to) s
16 r (infect) s
15 r (gateway) s
16 r (machines.) s
32 r (Next) s
15 r (comes) s
t-ita.300 @sf
17 r (hi) s
t-rom.300 @sf
1012 1322 p (which) s
11 r (tried) s
10 r (to) s
11 r (infect) s
10 r (normal) s
11 r (hosts) s
10 r (found) s
10 r (via) s
t-ita.300 @sf
11 r (cracksome) s
t-rom.300 @sf
46 c
18 r (If) s
t-ita.300 @sf
1012 1372 p (hi) s
t-rom.300 @sf
7 r (fails,) s
t-ita.300 @sf
8 r (ha) s
t-rom.300 @sf
7 r (is) s
7 r (called,) s
9 r (which) s
6 r (seemed) s
9 r (to) s
7 r (try) s
6 r (breaking) s
7 r (into) s
6 r (hosts) s
1012 1422 p (with) s
14 r (randomly) s
13 r (guessed) s
15 r (addresses) s
15 r (on) s
14 r (the) s
14 r (far) s
14 r (side) s
15 r (of) s
13 r (gate-) s
1012 1472 p (ways.) s
15 r (This) s
9 r (assumes) s
11 r (that) s
9 r (all) s
9 r (the) s
10 r (addresses) s
10 r (for) s
9 r (gateways) s
11 r (had) s
1012 1521 p (been) s
13 r (obtained) s
11 r (\(which) s
12 r (is) s
12 r (not) s
11 r (trivial) s
10 r (to) s
12 r (verify) s
11 r (from) s
12 r (the) s
12 r (con-) s
1012 1571 p (voluted) s
14 r (code) s
15 r (in) s
t-ita.300 @sf
14 r (rt) s
15 r (init) s
t-rom.300 @sf
(\),) s
15 r (and) s
15 r (implies) s
14 r (that) s
14 r (the) s
15 r (virus) s
14 r (would) s
1012 1621 p (prefer) s
14 r (to) s
12 r (infect) s
12 r 97 c
14 r (gateway) s
13 r (and) s
13 r (from) s
13 r (there) s
13 r (reach) s
13 r (out) s
12 r (to) s
13 r (the) s
1012 1671 p (gateway') s
-1 r 115 c
8 r (connected) s
8 r (networks,) s
8 r (rather) s
8 r (than) s
8 r (trying) s
6 r (to) s
7 r (hop) s
8 r (the) s
1012 1721 p (gateway) s
10 r (directly) s
-2 r 46 c
12 r (If) s
t-ita.300 @sf
9 r (hg) s
t-rom.300 @sf
44 c
t-ita.300 @sf
10 r (hi) s
t-rom.300 @sf
44 c
9 r (and) s
t-ita.300 @sf
9 r (ha) s
t-rom.300 @sf
9 r (all) s
9 r (failed) s
9 r (to) s
9 r (infect) s
9 r 97 c
10 r (host,) s
1012 1771 p (then) s
t-ita.300 @sf
14 r (hl) s
t-rom.300 @sf
14 r (is) s
14 r (called) s
15 r (which) s
13 r (is) s
14 r (similar) s
14 r (to) s
t-ita.300 @sf
14 r (ha) s
t-rom.300 @sf
14 r (but) s
13 r (uses) s
15 r (for) s
14 r (local) s
1012 1820 p (interfaces) s
11 r (for) s
10 r 97 c
11 r (source) s
11 r (of) s
9 r (networks.) s
1054 1882 p (It) s
10 r (is) s
10 r (not) s
10 r (clear) s
11 r (that) s
t-ita.300 @sf
10 r (ha) s
t-rom.300 @sf
10 r (and) s
t-ita.300 @sf
11 r (hl) s
t-rom.300 @sf
10 r (worked.) s
14 r (Because) s
t-ita.300 @sf
12 r (hn) s
t-rom.300 @sf
10 r (returns) s
1012 1932 p (if) s
10 r (the) s
10 r (address) s
11 r (is) s
11 r (local,) s
t-ita.300 @sf
10 r (hl) s
t-rom.300 @sf
10 r (appears) s
11 r (to) s
10 r (have) s
11 r (no) s
10 r (chance) s
11 r (of) s
10 r (suc-) s
1012 1982 p (ceeding.) s
15 r (If) s
10 r (alternate) s
10 r (addresses) s
11 r (for) s
10 r (gateways) s
11 r (are) s
11 r (indeed) s
10 r (ob-) s
1012 2032 p (tained) s
12 r (by) s
11 r (other) s
11 r (parts) s
12 r (of) s
11 r (the) s
12 r (virus) s
11 r (then) s
t-ita.300 @sf
11 r (ha) s
t-rom.300 @sf
11 r (could) s
12 r (work.) s
17 r (But) s
1012 2082 p (if) s
10 r (only) s
9 r (the) s
9 r (addresses) s
12 r (in) s
9 r (the) s
10 r (routing) s
8 r (table) s
9 r (were) s
11 r (used) s
10 r (it) s
9 r (could) s
1012 2131 p (not) s
14 r (work,) s
16 r (since) s
15 r (by) s
14 r (de) s
174 c
(nition) s
13 r (these) s
15 r (addresses) s
16 r (must) s
15 r (be) s
15 r (on) s
1012 2181 p 97 c
13 r (directly) s
11 r (connected) s
13 r (network.) s
19 r (Also,) s
12 r (in) s
12 r (our) s
11 r (monitoring) s
10 r (we) s
1012 2231 p (never) s
12 r (detected) s
12 r (an) s
11 r (attack) s
12 r (on) s
11 r 97 c
11 r (randomly) s
11 r (generated) s
12 r (address.) s
1012 2281 p (These) s
12 r (routines) s
9 r (do) s
10 r (not) s
9 r (seem) s
12 r (to) s
10 r (have) s
11 r (been) s
10 r (functional.) s
t-bol.360 @sf
1012 2467 p (A.6) s
51 r (Attack) s
18 r 114 c
(outines) s
t-rom.300 @sf
1012 2568 p (There) s
11 r (are) s
11 r 97 c
11 r (collection) s
9 r (of) s
9 r (attack) s
11 r (routines,) s
9 r (all) s
10 r (of) s
9 r (which) s
10 r (try) s
9 r (to) s
1012 2617 p (obtain) s
8 r 97 c
8 r (Bourne) s
8 r (Shell) s
8 r (running) s
6 r (on) s
8 r (the) s
8 r (tar) s
(geted) s
7 r (machine.) s
15 r (See) s
1012 2667 p (Appendix) s
9 r (A.7) s
10 r (for) s
9 r 97 c
10 r (description) s
8 r (of) s
9 r (the) s
c-med.300 @sf
9 r (l1.c) s
t-rom.300 @sf
10 r (program,) s
9 r (used) s
1012 2717 p (by) s
10 r (all) s
10 r (the) s
10 r (attack) s
11 r (routines.) s
954 2842 p (12) s
@eop
13 @bop0
cmr7.300 @sf
[<0FC01FE0387070387038F03CF03CF03CF03CF03CF03CF03CF03CF03C7038703838701FE00FC0> 14 19 -1 0 17] 48 @dc
cmr6.300 @sf
[<1F003F8071C060C0E0E0E0E0E0E0E0E0E0E0E0E0E0E0E0E060C071C03F801F00> 11 16 -1 0 15] 48 @dc
13 @bop1
t-bol.300 @sf
-36 96 p (A.6.1) s
40 r (hu1) s
t-rom.300 @sf
-36 176 p (The) s
t-ita.300 @sf
8 r (hu1) s
t-rom.300 @sf
9 r (routine) s
8 r (is) s
8 r (called) s
10 r (by) s
8 r (the) s
9 r (Phase) s
10 r 49 c
9 r (and) s
9 r (Phase) s
11 r 51 c
t-ita.300 @sf
8 r (crack-) s
-36 226 p (some) s
t-rom.300 @sf
9 r (subroutines.) s
13 r (Once) s
11 r 97 c
10 r (password) s
11 r (for) s
9 r (user) s
11 r (name) s
11 r (guessed) s
-36 276 p (correctly) s
-3 r 44 c
10 r (this) s
10 r (routine) s
10 r (is) s
11 r (called) s
11 r (with) s
10 r 97 c
12 r (host) s
10 r (name) s
12 r (read) s
12 r (from) s
-36 326 p (either) s
12 r (the) s
13 r (user) s
2 r 39 c
-1 r 115 c
c-med.300 @sf
13 r (.forward) s
t-rom.300 @sf
13 r (or) s
c-med.300 @sf
13 r (.rhosts) s
14 r t-rom.300 @sf
174 c
(les.) s
24 r (In) s
14 r (order) s
-36 376 p (to) s
10 r (assume) s
14 r (the) s
12 r (user) s
2 r 39 c
-1 r 115 c
10 r (id) s
12 r (it) s
11 r (then) s
12 r (tries) s
12 r (to) s
12 r (connect) s
12 r (to) s
12 r (the) s
12 r (local) s
-36 425 p (machine') s
-1 r 115 c
c-med.300 @sf
7 r (rexec) s
t-rom.300 @sf
9 r (server) s
9 r (using) s
8 r (the) s
9 r (guessed) s
10 r (name) s
10 r (and) s
9 r (pass-) s
-36 475 p (word.) s
21 r (If) s
14 r (successful) s
14 r (it) s
12 r (runs) s
13 r (an) s
c-med.300 @sf
14 r (rsh) s
t-rom.300 @sf
13 r (to) s
13 r (the) s
13 r (tar) s
(get) s
12 r (machine,) s
-36 525 p (tryi) s
-1 r (ng) s
7 r (to) s
9 r (execute) s
10 r 97 c
9 r (Bourne) s
9 r (Shell,) s
9 r (which) s
9 r (it) s
8 r (uses) s
10 r (to) s
8 r (send) s
10 r (over) s
-36 575 p (and) s
9 r (compile) s
10 r (the) s
c-med.300 @sf
10 r (l1.c) s
t-rom.300 @sf
10 r (infection) s
9 r (program.) s
t-bol.300 @sf
-36 692 p (A.6.2) s
40 r (Hit) s
16 r (SMTP) s
t-rom.300 @sf
-36 772 p (This) s
9 r (routine) s
9 r (make) s
12 r 97 c
11 r (connection) s
10 r (to) s
10 r (TCP) s
10 r (port) s
10 r (25,) s
11 r (the) s
10 r (SMTP) s
-36 822 p (port) s
-1 r 44 c
10 r (of) s
11 r 97 c
12 r (remote) s
12 r (machine) s
12 r (and) s
11 r (used) s
12 r (it) s
10 r (to) s
11 r (take) s
11 r (advantage) s
12 r (of) s
-36 872 p (the) s
13 r (sendmail) s
14 r (bug.) s
26 r (It) s
14 r (attempts) s
14 r (to) s
14 r (use) s
15 r (the) s
15 r (debug) s
14 r (option) s
12 r (to) s
-36 922 p (make) s
c-med.300 @sf
12 r (sendmail) s
t-rom.300 @sf
13 r (run) s
12 r 97 c
13 r (command) s
14 r (\(the) s
13 r 96 c
-2 r (`recipient') s
-4 r 39 c
11 r (of) s
13 r (the) s
-36 972 p (message\),) s
15 r (which) s
14 r (transfers) s
14 r (the) s
c-med.300 @sf
14 r (l1.c) s
t-rom.300 @sf
13 r (program) s
14 r (included) s
13 r (in) s
-36 1021 p (the) s
9 r (body) s
9 r (of) s
10 r (the) s
10 r (message.) s
t-bol.300 @sf
-36 1139 p (A.6.3) s
40 r (Hit) s
16 r (\014nger) s
t-rom.300 @sf
-36 1219 p (The) s
9 r 96 c
-2 r (`hit) s
7 r 174 c
(nger) s
2 r 39 c
-2 r 39 c
8 r (routine) s
9 r (tries) s
9 r (to) s
9 r (make) s
11 r 97 c
10 r (connection) s
9 r (to) s
9 r (TCP) s
-36 1269 p (port) s
13 r (79,) s
17 r (the) s
15 r 174 c
(nger) s
15 r (port,) s
16 r (of) s
15 r (the) s
16 r (remote) s
15 r (machine.) s
31 r (Then) s
15 r (it) s
-36 1319 p (creates) s
10 r 97 c
11 r 96 c
-2 r (`magic) s
9 r (packet') s
-2 r 39 c
10 r (which) s
9 r (consists) s
10 r (of) s
cmsy10.300 @sf
4 1370 p 15 c
t-rom.300 @sf
21 r 65 c
17 r (400) s
16 r (byte) s
17 r 96 c
-2 r (`runway') s
-4 r 39 c
15 r (of) s
17 r 86 c
-4 r (AX) s
16 r 96 c
-2 r (`nop') s
-4 r 39 c
15 r (instructions,) s
46 1420 p (which) s
9 r (can) s
11 r (be) s
11 r (executed) s
11 r (harmlessly) s
-2 r 46 c
cmsy10.300 @sf
4 1469 p 15 c
t-rom.300 @sf
21 r 65 c
10 r (small) s
10 r (piece) s
10 r (of) s
10 r (code) s
10 r (which) s
10 r (executes) s
11 r 97 c
10 r (Bourne) s
10 r (Shell.) s
cmsy10.300 @sf
4 1519 p 15 c
t-rom.300 @sf
21 r 65 c
18 r (stack) s
18 r (frame,) s
22 r (with) s
17 r 97 c
19 r (return) s
17 r (address) s
19 r (which) s
18 r (would) s
46 1569 p (hopefully) s
8 r (point) s
9 r (into) s
9 r (the) s
10 r (code.) s
4 1620 p (Note) s
13 r (that) s
12 r (the) s
12 r (piece) s
14 r (of) s
12 r (code) s
14 r (is) s
12 r 86 c
-4 r (AX) s
11 r (code,) s
15 r (and) s
13 r (the) s
12 r (stack) s
-36 1670 p (frame) s
7 r (is) s
7 r 97 c
8 r 86 c
-4 r (AX) s
6 r (frame,) s
9 r (in) s
7 r (the) s
7 r (wrong) s
7 r (order) s
7 r (for) s
7 r (the) s
7 r (Sun.) s
13 r (Thus,) s
-36 1720 p (althou) s
-1 r (gh) s
13 r (the) s
14 r (Sun) s
14 r 174 c
(nger) s
15 r (daemon) s
15 r (has) s
15 r (the) s
14 r (same) s
16 r (bug) s
14 r (as) s
16 r (the) s
-36 1770 p 86 c
-4 r (A) s
-1 r 88 c
8 r (one,) s
11 r (this) s
9 r (piece) s
11 r (of) s
10 r (code) s
11 r (cannot) s
10 r (exploit) s
9 r (it.) s
4 1821 p (The) s
12 r (attack) s
11 r (on) s
11 r (the) s
11 r 174 c
(nger) s
11 r (daemon) s
12 r (is) s
11 r (clearly) s
11 r 97 c
11 r (lysogenetic) s
-36 1871 p 96 c
-2 r (`v) s
-1 r (i) s
-1 r (ral') s
-3 r 39 c
15 r (attack) s
17 r (\(see) s
18 r (Section) s
16 r (1.2\),) s
19 r (since) s
17 r (although) s
15 r 97 c
18 r (worm) s
-36 1920 p (doesn') s
-1 r 116 c
14 r (modify) s
15 r (the) s
15 r (host) s
15 r (machine) s
17 r (at) s
16 r (all,) s
17 r (the) s
16 r 174 c
(nger) s
15 r (attack) s
-36 1970 p (does) s
10 r (modify) s
11 r (the) s
12 r (running) s
10 r 174 c
(nger) s
11 r (daemon) s
12 r (process.) s
19 r (The) s
13 r 96 c
-2 r (`in-) s
-36 2020 p (jected) s
13 r (DNA) s
-4 r 39 c
-2 r 39 c
13 r (component) s
14 r (of) s
14 r (the) s
14 r (virus) s
14 r (contained) s
14 r (the) s
14 r 86 c
-4 r (AX) s
-36 2070 p (inst) s
-1 r (ructio) s
-1 r (ns) s
9 r (shown) s
9 r (in) s
10 r (Figure) s
10 r (2.) s
4 2121 p (The) s
t-ita.300 @sf
19 r (execve) s
t-rom.300 @sf
22 r (system) s
19 r (call) s
18 r (causes) s
20 r (the) s
19 r (current) s
18 r (process) s
19 r (to) s
-36 2171 p (be) s
19 r (replaced) s
20 r (with) s
19 r (an) s
20 r (invocation) s
18 r (of) s
19 r (the) s
20 r (named) s
20 r (program;) s
c-med.300 @sf
-36 2221 p (/bin/sh) s
t-rom.300 @sf
14 r (is) s
15 r (the) s
16 r (Bourne) s
15 r (Shell,) s
17 r 97 c
16 r (UNIX) s
16 r (command) s
17 r (inter-) s
-36 2270 p (preter) s
-2 r 46 c
12 r (In) s
7 r (this) s
8 r (case,) s
10 r (the) s
8 r (shell) s
8 r (winds) s
7 r (up) s
8 r (running) s
7 r (with) s
7 r (its) s
7 r (input) s
-36 2320 p (coming) s
9 r (from,) s
11 r (and) s
11 r (its) s
10 r (output) s
9 r (going) s
10 r (to,) s
10 r (the) s
11 r (network) s
10 r (connec-) s
-36 2370 p (tio) s
-1 r (n.) s
24 r (The) s
15 r (virus) s
14 r (then) s
14 r (sends) s
14 r (over) s
14 r (the) s
c-med.300 @sf
14 r (l1.c) s
t-rom.300 @sf
14 r (bootstrap) s
13 r (pro-) s
-36 2420 p (gram.) s
t-bol.300 @sf
-36 2537 p (A.6.4) s
40 r (Hit) s
16 r (rsh) s
t-rom.300 @sf
-36 2617 p (This) s
9 r (unlabeled) s
11 r (routine) s
9 r (tries) s
c-med.300 @sf
11 r (rsh) s
t-rom.300 @sf
10 r (to) s
11 r (the) s
10 r (tar) s
(get) s
10 r (host) s
10 r (\(assum-) s
-36 2667 p (ing) s
9 r (it) s
10 r (can) s
12 r (get) s
11 r (in) s
10 r (as) s
12 r (the) s
11 r (current) s
11 r (user\).) s
17 r (It) s
10 r (tries) s
11 r (three) s
11 r (dif) s
(ferent) s
-36 2717 p (names) s
10 r (for) s
10 r (the) s
c-med.300 @sf
10 r (rsh) s
t-rom.300 @sf
10 r (binary) s
-2 r 44 c
cmsy10.300 @sf
1054 96 p 15 c
c-med.300 @sf
20 r (/usr/ucb/rsh) s
cmsy10.300 @sf
1054 146 p 15 c
c-med.300 @sf
20 r (/usr/bin/rsh) s
cmsy10.300 @sf
1054 196 p 15 c
c-med.300 @sf
20 r (/bin/rsh) s
t-rom.300 @sf
1012 246 p (If) s
12 r (one) s
12 r (of) s
12 r (them) s
12 r (succeeds,) s
14 r (it) s
11 r (tries) s
12 r (to) s
11 r (resynchronize) s
12 r (\(see) s
13 r (Ap-) s
1012 295 p (pendix) s
7 r (A.8.1\)) s
9 r (the) s
7 r (connection;) s
8 r (if) s
7 r (that) s
7 r (doesn') s
116 c
7 r (succeed) s
9 r (within) s
1012 345 p (thirty) s
7 r (seconds) s
10 r (it) s
8 r (kills) s
7 r (of) s
102 c
8 r (the) s
8 r (child) s
8 r (process.) s
15 r (If) s
8 r (successful) s
10 r (the) s
1012 395 p (connection) s
8 r (can) s
8 r (then) s
8 r (be) s
8 r (used) s
8 r (to) s
7 r (launch) s
8 r (the) s
c-med.300 @sf
7 r (l1.c) s
t-rom.300 @sf
8 r 96 c
-2 r (`grappl) s
-1 r (ing) s
1012 445 p (hook') s
-2 r 39 c
8 r (program) s
10 r (at) s
11 r (the) s
10 r (victim.) s
1054 495 p (Note) s
16 r (that) s
15 r (this) s
15 r (infection) s
15 r (method) s
16 r (doesn') s
116 c
15 r (specify) s
16 r 97 c
16 r (user) s
1012 545 p (name) s
14 r (to) s
12 r (attack;) s
13 r (if) s
12 r (it) s
12 r (gets) s
12 r (into) s
12 r (the) s
12 r (remote) s
13 r (account,) s
13 r (it) s
12 r (is) s
12 r (be-) s
1012 594 p (cause) s
9 r (the) s
7 r (user) s
7 r (that) s
6 r (the) s
7 r (virus) s
6 r (is) s
7 r (running) s
5 r (as) s
8 r (also) s
7 r (has) s
7 r (an) s
7 r (account) s
1012 644 p (on) s
10 r (the) s
10 r (other) s
10 r (machine) s
10 r (which) s
10 r (trusts) s
9 r (the) s
10 r (originatin) s
-1 r 103 c
8 r (machine.) s
t-bol.300 @sf
1012 755 p (A.6.5) s
42 r (Hit) s
16 r 114 c
(exec) s
t-rom.300 @sf
1012 833 p (The) s
t-ita.300 @sf
19 r (hit) s
17 r 114 c
-1 r (exec) s
t-rom.300 @sf
20 r (routine) s
17 r (uses) s
19 r (the) s
18 r (remote) s
18 r (execution) s
18 r (system) s
1012 883 p (which) s
10 r (is) s
10 r (similar) s
9 r (to) s
c-med.300 @sf
9 r (rsh) s
t-rom.300 @sf
44 c
10 r (but) s
9 r (designed) s
10 r (for) s
9 r (use) s
11 r (by) s
9 r (programs.) s
1012 932 p (It) s
17 r (connects) s
17 r (and) s
16 r (sends) s
17 r (the) s
17 r (user) s
17 r (name,) s
19 r (the) s
17 r (password,) s
19 r (and) s
c-med.300 @sf
1012 982 p (/bin/sh) s
t-rom.300 @sf
10 r (as) s
11 r (the) s
10 r (command) s
11 r (to) s
10 r (execute.) s
t-bol.300 @sf
1012 1093 p (A.6.6) s
42 r (makemagic) s
t-rom.300 @sf
1012 1171 p (This) s
10 r (routine) s
8 r (tries) s
9 r (to) s
8 r (make) s
11 r 97 c
9 r (telnet) s
9 r (connection) s
9 r (to) s
8 r (each) s
11 r (of) s
9 r (the) s
1012 1221 p (available) s
10 r (addresses) s
10 r (for) s
9 r (the) s
9 r (current) s
9 r (victim.) s
13 r (It) s
9 r (broke) s
9 r (the) s
9 r (con-) s
1012 1271 p (nections) s
15 r (immediately) s
-2 r 44 c
15 r (often) s
15 r (producing) s
13 r (error) s
14 r (reports) s
15 r (from) s
1012 1320 p (the) s
10 r (telnet) s
9 r (daemon,) s
11 r (which) s
9 r (were) s
10 r (recorded,) s
11 r (and) s
9 r (provide) s
9 r (some) s
1012 1370 p (of) s
10 r (the) s
11 r (earliest) s
10 r (reports) s
9 r (of) s
10 r (attack) s
11 r (attempts.) s
cmr7.300 @sf
1680 1356 p (10) s
t-rom.300 @sf
1054 1420 p (If) s
11 r (it) s
10 r (succeedes) s
14 r (in) s
10 r (reaching) s
12 r (the) s
11 r (host,) s
11 r (it) s
10 r (creates) s
13 r 97 c
12 r (TCP) s
11 r (lis-) s
1012 1470 p (tener) s
10 r (on) s
9 r 97 c
10 r (random) s
9 r (port) s
8 r (number) s
10 r (which) s
8 r (the) s
10 r (infected) s
9 r (machine) s
1012 1520 p (would) s
10 r (eventually) s
9 r (connect) s
10 r (back) s
11 r (to.) s
t-bol.360 @sf
1012 1639 p (A.7) s
51 r (Grappling) s
17 r (Hook) s
t-rom.300 @sf
1012 1717 p 65 c
14 r (short) s
12 r (program,) s
14 r (named) s
c-med.300 @sf
14 r (l1.c) s
t-rom.300 @sf
44 c
14 r (is) s
13 r (the) s
13 r (common) s
13 r (grappling) s
1012 1766 p (hook) s
11 r (that) s
10 r (all) s
11 r (of) s
10 r (the) s
11 r (attack) s
11 r (routines) s
10 r (use) s
12 r (to) s
10 r (pull) s
10 r (over) s
11 r (the) s
11 r (rest) s
1012 1816 p (of) s
9 r (the) s
8 r (virus.) s
13 r (It) s
8 r (is) s
8 r (robustly) s
7 r (written,) s
8 r (and) s
8 r (fairly) s
8 r (portable.) s
12 r (It) s
8 r (ran) s
1012 1866 p (on) s
11 r 97 c
10 r (number) s
11 r (of) s
10 r (machines) s
11 r (which) s
10 r (were) s
11 r (neither) s
10 r 86 c
-4 r (AX) s
9 r (or) s
10 r (Sun,) s
1012 1916 p (loading) s
11 r (them) s
11 r (down) s
11 r (as) s
12 r (well,) s
12 r (but) s
10 r (only) s
11 r (making) s
11 r (them) s
12 r (periph-) s
1012 1966 p (eral) s
11 r (victims) s
10 r (of) s
10 r (the) s
10 r (virus.) s
1054 2016 p (The) s
11 r 174 c
(rst) s
11 r (thing) s
9 r (it) s
10 r (does) s
11 r (is) s
10 r (delete) s
11 r (the) s
11 r (binary) s
10 r (it) s
10 r (was) s
11 r (running) s
1012 2065 p (from.) s
16 r (It) s
10 r (checks) s
12 r (that) s
10 r (it) s
9 r (has) s
12 r (three) s
10 r (ar) s
(guments) s
10 r (\(exiting) s
9 r (if) s
10 r (there) s
1012 2115 p (aren') s
116 c
11 r (three) s
11 r (of) s
11 r (them\).) s
17 r (It) s
11 r (closes) s
12 r (all) s
11 r 174 c
(le) s
11 r (descriptors) s
11 r (and) s
11 r (then) s
1012 2165 p (forks,) s
11 r (exiting) s
9 r (if) s
10 r (the) s
10 r (fork) s
10 r (fails.) s
14 r (If) s
10 r (it) s
10 r (succeeds,) s
13 r (the) s
10 r (parent) s
10 r (ex-) s
1012 2215 p (its;) s
9 r (this) s
8 r (leaves) s
10 r (no) s
8 r (connection) s
9 r (from) s
9 r (the) s
8 r (child) s
9 r (to) s
8 r (the) s
9 r (infection) s
1012 2265 p (route.) s
1054 2315 p (Next,) s
17 r (it) s
15 r (creates) s
16 r 97 c
16 r (TCP) s
16 r (connection) s
15 r (back) s
16 r (to) s
15 r (the) s
15 r (address) s
1012 2364 p (given) s
7 r (as) s
9 r (the) s
7 r 174 c
(rst) s
8 r (ar) s
(gument,) s
7 r (and) s
8 r (the) s
7 r (port) s
7 r (given) s
7 r (as) s
8 r (the) s
8 r (second.) s
1012 2414 p (Then) s
16 r (it) s
15 r (sends) s
16 r (over) s
15 r (the) s
15 r (magic) s
16 r (number) s
16 r (given) s
14 r (as) s
16 r (the) s
16 r (third.) s
1012 2464 p (The) s
12 r (text) s
11 r (of) s
11 r (each) s
12 r (ar) s
(gument) s
11 r (is) s
11 r (erased) s
12 r (immediately) s
11 r (after) s
11 r (it) s
11 r (is) s
1012 2514 p (used.) s
14 r (The) s
7 r (stream) s
8 r (connection) s
7 r (is) s
6 r (then) s
7 r (reused) s
8 r (as) s
7 r (the) s
7 r (program') s
-1 r 115 c
1012 2564 p (standard) s
10 r (input) s
9 r (and) s
11 r (output.) s
1012 2600 p 390 2 ru
cmr6.300 @sf
1040 2627 p (10) s
t-rom.240 @sf
1072 2638 p (On) s
6 r (fast) s
6 r (machines,) s
6 r (such) s
5 r (as) s
6 r (the) s
6 r (DEC) s
6 r 86 c
-3 r (AX) s
5 r (3200,) s
6 r (there) s
5 r (may) s
6 r (be) s
5 r (no) s
6 r (record) s
1012 2678 p (of) s
9 r (these) s
9 r (attacks,) s
8 r (since) s
9 r (the) s
8 r (connection) s
7 r (is) s
10 r (handed) s
7 r (of) s
102 c
8 r (fast) s
9 r (enough) s
7 r (to) s
9 r (satisfy) s
1012 2717 p (the) s
8 r (daemon.) s
t-rom.300 @sf
954 2842 p (13) s
@eop
14 @bop0
/Courier /c-med.240 ReEncodeForTeX /c-med.240 /c-med.240 33.208800 TeXPSmakefont def
14 @bop1
c-med.300 @sf
162 124 p (pushl) s
74 r ($68732f) s
223 r (push) s
25 r ('/sh<NUL>') s
162 174 p (pushl) s
74 r ($6e69622f) s
173 r (push) s
25 r ('/bin') s
162 224 p (movl) s
99 r (sp,r10) s
248 r (save) s
25 r (address) s
24 r (of) s
25 r (start) s
24 r (of) s
25 r (string) s
162 273 p (pushl) s
74 r ($0) s
348 r (push) s
25 r 48 c
25 r (\(arg) s
24 r 51 c
25 r (to) s
25 r (execve\)) s
162 323 p (pushl) s
74 r ($0) s
348 r (push) s
25 r 48 c
25 r (\(arg) s
24 r 50 c
25 r (to) s
25 r (execve\)) s
162 373 p (pushl) s
74 r (r10) s
323 r (push) s
25 r (string) s
24 r (addr) s
25 r (\(arg) s
24 r 49 c
25 r (to) s
25 r (execve\)) s
162 423 p (pushl) s
74 r ($3) s
348 r (push) s
25 r (argument) s
24 r (count) s
162 473 p (movl) s
99 r (sp,ap) s
273 r (set) s
25 r (argument) s
24 r (pointer) s
162 522 p (chmk) s
99 r ($3b) s
323 r (do) s
25 r ("execve") s
24 r (kernel) s
25 r (call.) s
t-rom.300 @sf
556 655 p (Figure) s
10 r (2:) s
13 r 86 c
-4 r (AX) s
9 r (intructions) s
8 r (for) s
10 r (the) s
c-med.300 @sf
10 r (finger) s
t-rom.300 @sf
10 r (attack.) s
4 789 p 65 c
15 r (loop) s
15 r (reads) s
16 r (in) s
15 r 97 c
16 r (length) s
14 r (\(as) s
16 r 97 c
16 r (network) s
14 r (byte) s
15 r (order) s
15 r (32-) s
-36 839 p (bit) s
11 r (integer\)) s
13 r (and) s
14 r (then) s
13 r 97 c
14 r 174 c
(lename.) s
26 r (The) s
14 r 174 c
(le) s
14 r (is) s
13 r (unlinked) s
13 r (and) s
-36 888 p (opened) s
7 r (for) s
9 r (write,) s
8 r (and) s
9 r (then) s
9 r (the) s
8 r 174 c
(le) s
9 r (itself) s
8 r (is) s
9 r (read) s
9 r (in) s
8 r (\(using) s
8 r (the) s
-36 938 p (number) s
12 r (of) s
14 r (bytes) s
14 r (read) s
15 r (in) s
13 r (earlier) s
-1 r (.\)) s
24 r (On) s
14 r (any) s
14 r (error) s
-1 r 44 c
14 r (all) s
14 r (of) s
14 r (the) s
-36 988 p 174 c
(les) s
9 r (are) s
11 r (unlinked.) s
13 r (If) s
10 r (the) s
10 r (length) s
9 r (read) s
10 r (in) s
10 r (is) s
10 r (-1,) s
10 r (the) s
11 r (loop) s
9 r (exits,) s
-36 1038 p (and) s
9 r 97 c
11 r (Bourne) s
9 r (Shell) s
10 r (is) s
10 r (executed) s
11 r (\(replacing) s
10 r (the) s
c-med.300 @sf
10 r (l1) s
t-rom.300 @sf
10 r (program,) s
-36 1088 p (and) s
9 r (getting) s
9 r (its) s
9 r (input) s
9 r (from) s
10 r (the) s
10 r (same) s
12 r (source.\)) s
t-bol.360 @sf
-36 1231 p (A.8) s
49 r (Install) s
18 r (Routines) s
t-rom.300 @sf
-36 1318 p (There) s
14 r (are) s
15 r 97 c
14 r (variety) s
14 r (of) s
14 r (routines) s
13 r (used) s
14 r (to) s
14 r (actually) s
13 r (move) s
15 r (the) s
-36 1368 p (viru) s
-1 r 115 c
13 r (from) s
14 r (one) s
14 r (machine) s
15 r (to) s
14 r (the) s
14 r (other) s
-1 r 46 c
24 r (They) s
15 r (deal) s
15 r (with) s
13 r (the) s
-36 1417 p 96 c
-2 r (`v) s
-1 r (i) s
-1 r (rus) s
14 r (protocol') s
-3 r 39 c
13 r (connection) s
15 r (made) s
16 r (by) s
16 r (the) s
c-med.300 @sf
15 r (l1.c) s
t-rom.300 @sf
15 r (injected) s
-36 1467 p (progr) s
-1 r (am) s
10 r (or) s
9 r (with) s
10 r (the) s
10 r (shell) s
10 r (that) s
9 r (it) s
10 r (spawns.) s
t-bol.300 @sf
-36 1603 p (A.8.1) s
40 r 114 c
(esynch) s
t-rom.300 @sf
-36 1689 p (The) s
t-ita.300 @sf
9 r 114 c
-1 r (esynch) s
t-rom.300 @sf
11 r (routine) s
9 r (sends) s
10 r (commands) s
12 r (to) s
9 r 97 c
11 r (remote) s
10 r (shell,) s
10 r (re-) s
-36 1739 p (questin) s
-1 r 103 c
8 r (that) s
8 r (it) s
9 r (echo) s
10 r (back) s
9 r 97 c
10 r (speci) s
174 c
99 c
11 r (randomly) s
8 r (chosen) s
10 r (num-) s
-36 1789 p (ber) s
-2 r 46 c
18 r (It) s
12 r (then) s
12 r (waits) s
12 r 97 c
12 r (certain) s
13 r (amount) s
11 r (of) s
12 r (time) s
12 r (for) s
12 r 97 c
13 r (response.) s
-36 1838 p (This) s
12 r (routine) s
13 r (is) s
14 r (used) s
14 r (to) s
13 r (indicate) s
14 r (when) s
14 r (the) s
13 r (various) s
14 r (subpro-) s
-36 1888 p (grams) s
6 r (of) s
7 r (the) s
8 r (infection) s
6 r (procedure) s
7 r (have) s
8 r (compiled) s
7 r (or) s
7 r (executed) s
-36 1938 p (and) s
9 r 97 c
11 r (Bourne) s
9 r (Shell) s
10 r (prompt) s
9 r (is) s
10 r (available) s
11 r (again.) s
t-bol.300 @sf
-36 2074 p (A.8.2) s
40 r (waithit) s
t-rom.300 @sf
-36 2160 p (This) s
8 r (routine) s
8 r (does) s
10 r (much) s
10 r (of) s
10 r (the) s
9 r (high) s
9 r (level) s
9 r (work.) s
14 r (It) s
9 r (waits) s
9 r (\(up) s
-36 2210 p (to) s
9 r 50 c
10 r (minutes\)) s
10 r (for) s
10 r 97 c
12 r (return) s
10 r (connection) s
10 r (from) s
10 r 97 c
11 r (victim) s
10 r (\(which) s
-36 2260 p (has) s
9 r (had) s
c-med.300 @sf
10 r (l1.c) s
t-rom.300 @sf
10 r (injected) s
9 r (into) s
9 r (it.\)) s
13 r (It) s
9 r (then) s
10 r (tries) s
10 r (to) s
9 r (read) s
10 r 97 c
11 r (magic) s
-36 2309 p (number) s
8 r (\(which) s
9 r (had) s
10 r (been) s
10 r (previously) s
9 r (sent) s
9 r (to) s
9 r (that) s
10 r (victim) s
9 r (as) s
10 r 97 c
-36 2359 p (command) s
12 r (line) s
12 r (ar) s
(gument) s
12 r (to) s
13 r (the) s
c-med.300 @sf
12 r (l1) s
t-rom.300 @sf
13 r (program\)) s
12 r (and) s
13 r (gives) s
13 r (up) s
-36 2409 p (after) s
9 r (ten) s
10 r (seconds.) s
4 2463 p (After) s
7 r (the) s
7 r (connection) s
6 r (is) s
7 r (established,) s
8 r (all) s
7 r (of) s
7 r (the) s
7 r (current) s
7 r 96 c
-2 r (`ob-) s
-36 2513 p (jects') s
-3 r 39 c
11 r (in) s
12 r (storage) s
13 r (in) s
12 r (the) s
12 r (virus) s
12 r (are) s
13 r (fed) s
13 r (down) s
12 r (the) s
12 r (connection) s
-36 2563 p (int) s
-1 r 111 c
8 r (the) s
9 r (victim.) s
13 r (Then) s
10 r (it) s
9 r (tries) s
9 r (to) s
9 r (resynchronize,) s
10 r (and) s
10 r (if) s
9 r (it) s
8 r (suc-) s
-36 2613 p (ceeds,) s
10 r (sends) s
11 r (down) s
10 r (commands) s
11 r (to) s
cmsy10.300 @sf
4 2667 p 15 c
t-rom.300 @sf
21 r (set) s
10 r (the) s
c-med.300 @sf
10 r (PATH) s
t-rom.300 @sf
10 r (of) s
10 r (the) s
10 r (victim) s
10 r (shell) s
cmsy10.300 @sf
4 2717 p 15 c
t-rom.300 @sf
21 r (try) s
9 r (to) s
10 r (delete) s
c-med.300 @sf
10 r (sh) s
t-rom.300 @sf
10 r (in) s
10 r (the) s
10 r (current) s
10 r (directory) s
9 r 40 c
c-med.300 @sf
(/usr/tmp) s
t-rom.300 @sf
41 c
cmsy10.300 @sf
1054 789 p 15 c
t-rom.300 @sf
20 r (if) s
8 r (the) s
7 r (delete) s
9 r (fails,) s
8 r (pick) s
7 r 97 c
9 r (random) s
7 r (name) s
9 r (to) s
7 r (use) s
9 r (instead) s
cmr7.300 @sf
1952 775 p (11) s
cmsy10.300 @sf
1054 839 p 15 c
t-rom.300 @sf
20 r (scan) s
15 r (the) s
14 r (list) s
13 r (of) s
14 r (objects,) s
15 r (looking) s
11 r (for) s
14 r (names) s
15 r (ending) s
13 r (in) s
c-med.300 @sf
1095 888 p (.o) s
cmsy10.300 @sf
1054 938 p 15 c
t-rom.300 @sf
20 r (link) s
10 r (and) s
11 r (run) s
10 r (each) s
12 r (of) s
11 r (these,) s
12 r (with) s
10 r (the) s
10 r (command) s
12 r (line) s
10 r (ar) s
45 c
1095 988 p (guments) s
cmsy10.300 @sf
1145 1038 p 15 c
c-med.300 @sf
21 r (-p) s
25 r ($$) s
t-rom.300 @sf
44 c
10 r (where) s
c-med.300 @sf
10 r ($$) s
t-rom.300 @sf
9 r (is) s
10 r (the) s
9 r (process) s
10 r (id) s
10 r (of) s
9 r (the) s
9 r (victim) s
1187 1088 p (shell) s
cmsy10.300 @sf
1145 1138 p 15 c
t-rom.300 @sf
21 r (each) s
11 r (object) s
10 r (name) s
cmsy10.300 @sf
1054 1187 p 15 c
t-rom.300 @sf
20 r (resynchronize;) s
12 r (if) s
11 r (this) s
10 r (fails,) s
12 r (assume) s
13 r (that) s
11 r (the) s
11 r (virus) s
10 r (suc-) s
1095 1237 p (ceeded) s
15 r (\(since) s
13 r (the) s
c-med.300 @sf
13 r (-p) s
t-rom.300 @sf
13 r (option) s
12 r (tells) s
12 r (the) s
13 r (virus) s
13 r (to) s
12 r (kill) s
12 r (of) s
102 c
1095 1287 p (the) s
10 r (parent) s
10 r (shell\)) s
10 r (and) s
10 r (set) s
10 r 175 c
(ag) s
10 r (bit) s
9 r 49 c
10 r (of) s
10 r (the) s
10 r (host) s
9 r (list) s
9 r (entry) s
1095 1337 p (\(the) s
10 r (host) s
10 r (list) s
9 r (is) s
10 r (detailed) s
10 r (in) s
10 r (section) s
10 r (A.9\).) s
cmsy10.300 @sf
1054 1387 p 15 c
t-rom.300 @sf
20 r (delete) s
16 r (the) s
15 r (compiled) s
15 r (program,) s
16 r (and) s
16 r (go) s
14 r (on) s
15 r (to) s
15 r (the) s
15 r (next) s
1095 1436 p (object.) s
1054 1487 p (Thus,) s
21 r (to) s
18 r (add) s
18 r (another) s
18 r (machine) s
19 r (type,) s
20 r (the) s
19 r (virus) s
17 r (merely) s
1012 1536 p (needs) s
11 r (to) s
10 r (be) s
10 r (started) s
10 r (with) s
9 r 97 c
11 r (new) s
10 r (object) s
10 r (binary) s
9 r (as) s
11 r 97 c
11 r (command) s
1012 1586 p (line) s
13 r (option,) s
13 r (which) s
13 r (will) s
12 r (then) s
12 r (be) s
14 r (propagated) s
13 r (to) s
12 r (the) s
13 r (next) s
13 r (in-) s
1012 1636 p (fected) s
11 r (host) s
10 r (and) s
10 r (tried.) s
1054 1686 p (Note) s
29 r (that) s
28 r (the) s
29 r (path) s
28 r (used) s
29 r (here) s
30 r (was) s
c-med.300 @sf
29 r (PATH=) s
29 r (bin:) s
1012 1736 p (/usr/bin:) s
96 r (/usr/ucb) s
t-rom.300 @sf
14 r (which) s
14 r (is) s
15 r (certainly) s
13 r (reason-) s
1012 1786 p (able) s
17 r (on) s
17 r (most) s
16 r (systems.) s
35 r (This) s
16 r (protects) s
17 r (systems) s
17 r (with) s
16 r 96 c
-2 r (`un-) s
1012 1836 p (usual') s
-2 r 39 c
9 r 174 c
(lesystem) s
12 r (layouts,) s
10 r (and) s
10 r (suggests) s
11 r (that) s
10 r (complete) s
11 r (con-) s
1012 1885 p (sistency) s
11 r (among) s
10 r (systems) s
11 r (makes) s
11 r (them) s
11 r (more) s
10 r (vulnerable.) s
t-bol.360 @sf
1012 2006 p (A.9) s
51 r (Host) s
18 r (modules) s
t-rom.300 @sf
1012 2084 p (These) s
15 r (are) s
14 r 97 c
14 r (set) s
14 r (of) s
13 r (routines) s
13 r (designed) s
13 r (to) s
13 r (collect) s
13 r (names) s
15 r (and) s
1012 2134 p (addresses) s
14 r (of) s
13 r (tar) s
(get) s
12 r (hosts) s
12 r (in) s
12 r 97 c
13 r (master) s
14 r (list.) s
21 r (Each) s
13 r (entry) s
13 r (con-) s
1012 2184 p (tains) s
13 r (up) s
13 r (to) s
12 r (six) s
13 r (addresses,) s
16 r (up) s
12 r (to) s
13 r (twelve) s
13 r (names,) s
15 r (and) s
13 r 97 c
14 r 175 c
(ags) s
1012 2233 p 174 c
(eld.) s
t-bol.300 @sf
1012 2345 p (A.9.1) s
42 r (Name) s
16 r (to) s
15 r (host) s
t-rom.300 @sf
1012 2424 p (This) s
13 r (routine) s
10 r (searches) s
14 r (the) s
12 r (host) s
12 r (list) s
11 r (for) s
12 r 97 c
12 r (given) s
12 r (named) s
13 r (host,) s
1012 2473 p (returns) s
10 r (the) s
11 r (list) s
9 r (entry) s
10 r (describing) s
10 r (it,) s
10 r (and) s
11 r (optionall) s
-1 r 121 c
9 r (adds) s
10 r (it) s
10 r (to) s
1012 2523 p (the) s
11 r (list) s
9 r (if) s
9 r (it) s
10 r (isn') s
116 c
8 r (there) s
11 r (already) s
-2 r 46 c
1012 2560 p 390 2 ru
cmr6.300 @sf
1040 2588 p (11) s
t-rom.240 @sf
1072 2599 p (Since) s
8 r (the) s
8 r (delete) s
8 r (command) s
6 r (used) s
7 r 40 c
c-med.240 @sf
(rm) s
20 r (-f) s
t-rom.240 @sf
41 c
9 r (did) s
7 r (not) s
8 r (remove) s
7 r (directories,) s
1012 2638 p (creating) s
10 r 97 c
9 r (directory) s
c-med.240 @sf
9 r (/usr/tmp/sh) s
t-rom.240 @sf
10 r (stoped) s
8 r (the) s
10 r (virus[) s
(22) s
-1 r (].) s
17 r (However) s
-1 r 44 c
9 r (the) s
1012 2678 p (virus) s
10 r (would) s
10 r (still) s
11 r (use) s
10 r (CPU) s
11 r (resources) s
9 r (attempting) s
10 r (to) s
10 r (link) s
10 r (the) s
10 r (objects,) s
11 r (even) s
1012 2717 p (though) s
7 r (it) s
9 r (couldn') s
116 c
6 r (write) s
9 r (to) s
8 r (the) s
8 r (output) s
7 r 174 c
(le) s
9 r (\(since) s
7 r (it) s
9 r (was) s
8 r 97 c
8 r (directory\).) s
t-rom.300 @sf
954 2842 p (14) s
@eop
15 @bop0
/cmr8.300 @newfont
cmr8.300 @sf
[<0FC03FF07838700CE00EE00EE00EE03E70FC3DFC1FF80FE03FF03F387C1C701C701C701C38381FF007C0> 15 21 -1 0 18] 56 @dc
[<06000F000F000F000F000F00070007000700030003800180018000C00060C030C018E0187FFC7FFE7FFE6000> 15 22 -2 0 18] 55 @dc
[<03FE03FE0070007000700070FFFEFFFEE0707070307018701C700E700670077003F001F000F000F00070> 15 21 -1 0 18] 52 @dc
[<07C01FF03C38381C701E701EF01EF01EF01EF81CF81CFFF8F7F0F08070007018383C1C3C0E1C07F801F0> 15 21 -1 0 18] 54 @dc
[<1F803FC070F078387838301C001C021E1FDE3FFE703E703EF01EF01EF01EF01CF01C703838381FF007C0> 15 21 -1 0 18] 57 @dc
/cmmi8.300 @newfont
cmmi8.300 @sf
[<40603030181878F8F8F070> 5 11 -2 6 10] 59 @dc
cmr8.300 @sf
[<1F003FC060E0F070F078F078607800780078607070E07FC06F8060006000600060007F807FE07FF06030> 13 21 -2 0 18] 53 @dc
[<0FC03FF07038F83CF81EF81E701E001E003C007807E007E000F00078103C783C783C783C30781FF00FC0> 15 21 -1 0 18] 51 @dc
[<7FF07FF0070007000700070007000700070007000700070007000700070007000700F700FF000F000300> 12 21 -2 0 18] 49 @dc
[<07C01FF03C78783C701C701CF01EF01EF01EF01EF01EF01EF01EF01EF01E701C701C783C3C781FF007C0> 15 21 -1 0 18] 48 @dc
[<FFF0FFF07FF0303818180C180E000700038001C000E000F0007800787078F878F878F8F071F03FE01F80> 13 21 -2 0 18] 50 @dc
15 @bop1
t-bol.300 @sf
-36 96 p (A.9.2) s
40 r (Addr) s
(ess) s
17 r (to) s
15 r (host) s
t-rom.300 @sf
-36 174 p (This) s
9 r (routine) s
10 r (searches) s
12 r (the) s
11 r (host) s
10 r (list) s
10 r (for) s
10 r 97 c
11 r (given) s
10 r (host) s
11 r (address,) s
-36 224 p (returns) s
8 r (the) s
11 r (list) s
9 r (entry) s
10 r (describing) s
10 r (it,) s
10 r (and) s
11 r (optionall) s
-1 r 121 c
9 r (adds) s
10 r (it) s
10 r (to) s
-36 273 p (the) s
9 r (list) s
9 r (if) s
9 r (it) s
10 r (isn') s
116 c
8 r (there) s
11 r (already) s
-2 r 46 c
t-bol.300 @sf
-36 382 p (A.9.3) s
40 r (Add) s
16 r (addr) s
(ess/name) s
t-rom.300 @sf
-36 460 p (These) s
8 r (two) s
8 r (routines) s
7 r (added) s
9 r (an) s
9 r (address) s
9 r (or) s
8 r 97 c
9 r (name) s
10 r (to) s
8 r 97 c
9 r (host) s
8 r (list) s
-36 509 p (entry) s
-3 r 44 c
10 r (checking) s
11 r (to) s
11 r (make) s
12 r (sure) s
12 r (that) s
11 r (the) s
11 r (address) s
12 r (or) s
11 r (name) s
12 r (was) s
-36 559 p (not) s
8 r (already) s
10 r (known.) s
t-bol.300 @sf
-36 668 p (A.9.4) s
40 r (Clean) s
16 r (up) s
16 r (table) s
t-rom.300 @sf
-36 745 p (This) s
10 r (routine) s
11 r (cycles) s
13 r (through) s
10 r (the) s
12 r (host) s
11 r (list,) s
12 r (and) s
12 r (removes) s
13 r (any) s
-36 795 p (hosts) s
7 r (which) s
8 r (only) s
8 r (have) s
9 r 175 c
(ag) s
10 r (bits) s
8 r 49 c
8 r (and) s
9 r 50 c
9 r (set) s
9 r (\(and) s
9 r (clears) s
10 r (those) s
-36 845 p (bit) s
-1 r (s.\)) s
22 r (Bit) s
13 r 49 c
13 r (is) s
14 r (set) s
14 r (when) s
13 r 97 c
14 r (resynchronize) s
14 r (\(in) s
t-ita.300 @sf
13 r (waithit) s
t-rom.300 @sf
-1 r 41 c
12 r (fails,) s
-36 895 p (probabl) s
-1 r 121 c
12 r (indicating) s
12 r (that) s
14 r (this) s
13 r (host) s
13 r 96 c
-2 r (`got) s
12 r (lost') s
-2 r (') s
-1 r 46 c
24 r (Bit) s
13 r 50 c
14 r (is) s
13 r (set) s
-36 945 p (when) s
10 r 97 c
12 r (named) s
13 r (host) s
11 r (has) s
12 r (no) s
11 r (addresses,) s
14 r (or) s
11 r (when) s
12 r (several) s
13 r (dif-) s
-36 994 p (ferent) s
9 r (attack) s
11 r (attempts) s
11 r (fail.) s
15 r (Bit) s
9 r 51 c
11 r (is) s
10 r (set) s
11 r (when) s
11 r (Phase) s
12 r 48 c
10 r (of) s
11 r (the) s
-36 1044 p (crack) s
7 r (routines) s
7 r (successfully) s
8 r (retrieves) s
8 r (an) s
8 r (address) s
8 r (for) s
7 r (the) s
8 r (host.) s
t-bol.300 @sf
-36 1153 p (A.9.5) s
40 r (Get) s
17 r (addr) s
(esses) s
t-rom.300 @sf
-36 1230 p (This) s
9 r (routine) s
10 r (takes) s
11 r (an) s
11 r (entry) s
10 r (in) s
10 r (the) s
11 r (host) s
10 r (table) s
11 r (and) s
11 r (tries) s
10 r (to) s
10 r 174 c
(ll) s
-36 1280 p (in) s
9 r (the) s
10 r (the) s
10 r (gaps.) s
16 r (It) s
10 r (looks) s
9 r (up) s
11 r (an) s
11 r (address) s
11 r (for) s
10 r 97 c
11 r (name) s
12 r (it) s
9 r (has,) s
12 r (or) s
-36 1330 p (look) s
-1 r 115 c
12 r (up) s
13 r 97 c
14 r (name) s
14 r (for) s
13 r (the) s
13 r (addresses) s
15 r (it) s
12 r (has.) s
24 r (It) s
13 r (also) s
13 r (includes) s
-36 1380 p (any) s
9 r (aliases) s
11 r (it) s
9 r (can) s
11 r 174 c
(nd.) s
t-bol.360 @sf
-36 1497 p (A.10) s
49 r (Object) s
17 r 114 c
(outines) s
t-rom.300 @sf
-36 1574 p (These) s
14 r (routines) s
14 r (are) s
15 r (what) s
14 r (the) s
15 r (system) s
15 r (uses) s
15 r (to) s
14 r (pull) s
13 r (all) s
14 r (of) s
14 r (its) s
-36 1624 p (pieces) s
12 r (into) s
11 r (memory) s
12 r (when) s
13 r (it) s
11 r (starts) s
12 r (\(after) s
13 r (the) s
12 r (host) s
11 r (has) s
13 r (been) s
-36 1674 p (infected\)) s
7 r (and) s
9 r (then) s
9 r (to) s
8 r (retrieve) s
9 r (them) s
10 r (to) s
8 r (transmit) s
8 r (to) s
9 r (any) s
9 r (host) s
8 r (it) s
-36 1724 p (infects.) s
t-bol.300 @sf
-36 1832 p (A.10.1) s
40 r (Load) s
15 r (object) s
t-rom.300 @sf
-36 1910 p (This) s
11 r (routine) s
12 r (opens) s
13 r 97 c
13 r 174 c
(le,) s
14 r (determines) s
14 r (its) s
12 r (length,) s
13 r (allocating) s
-36 1960 p (the) s
7 r (appropriate) s
8 r (amount) s
9 r (of) s
8 r (memory) s
-2 r 44 c
10 r (reads) s
9 r (it) s
8 r (in) s
8 r (as) s
10 r (one) s
9 r (block,) s
-36 2010 p (decodes) s
15 r (the) s
16 r (block) s
16 r (of) s
16 r (memory) s
16 r (\(with) s
15 r (XOR\).) s
16 r (If) s
16 r (the) s
16 r (object) s
-36 2059 p (name) s
7 r (contains) s
7 r 97 c
9 r (comma,) s
9 r (it) s
7 r (moves) s
8 r (past) s
8 r (it) s
7 r (and) s
8 r (starts) s
7 r (the) s
8 r (name) s
-36 2109 p (there.) s
t-bol.300 @sf
-36 2218 p (A.10.2) s
40 r (Get) s
16 r (object) s
17 r (by) s
15 r (name) s
t-rom.300 @sf
-36 2295 p (This) s
5 r (routine) s
6 r (returns) s
7 r 97 c
7 r (pointer) s
6 r (to) s
6 r (the) s
7 r (requested) s
7 r (object.) s
13 r (This) s
7 r (is) s
-36 2345 p (used) s
9 r (to) s
9 r 174 c
(nd) s
9 r (the) s
10 r (pieces) s
11 r (to) s
9 r (download) s
9 r (when) s
9 r (infecting) s
9 r (another) s
-36 2395 p (host.) s
t-bol.360 @sf
-36 2512 p (A.1) s
-2 r 49 c
48 r (Other) s
18 r (initialization) s
17 r 114 c
(outines) s
t-bol.300 @sf
-36 2590 p (A.1) s
-2 r (1.1) s
40 r (if) s
15 r (init) s
t-rom.300 @sf
-36 2667 p (This) s
11 r (routine) s
11 r (scans) s
14 r (the) s
13 r (array) s
13 r (of) s
12 r (network) s
12 r (interfaces.) s
21 r (It) s
13 r (gets) s
-36 2717 p (the) s
13 r 175 c
(ags) s
15 r (for) s
15 r (each) s
15 r (interface,) s
17 r (and) s
15 r (makes) s
16 r (sure) s
15 r (the) s
14 r (interface) s
1012 96 p (is) s
11 r (UP) s
10 r (and) s
11 r (RUNNING) s
10 r (\(speci) s
174 c
99 c
11 r 174 c
(elds) s
11 r (of) s
10 r (the) s
10 r 175 c
(ag) s
11 r (structure\).) s
1012 146 p (If) s
15 r (the) s
15 r (entry) s
15 r (is) s
15 r 97 c
16 r (point) s
13 r (to) s
15 r (point) s
13 r (type) s
15 r (interface,) s
17 r (the) s
15 r (remote) s
1012 196 p (address) s
11 r (is) s
10 r (saved) s
11 r (and) s
10 r (added) s
10 r (to) s
9 r (the) s
10 r (host) s
10 r (table.) s
13 r (It) s
10 r (then) s
10 r (tries) s
9 r (to) s
1012 246 p (enter) s
11 r (the) s
10 r (router) s
9 r (into) s
9 r (the) s
11 r (list) s
9 r (of) s
10 r (hosts) s
9 r (to) s
10 r (attack.) s
t-bol.300 @sf
1012 370 p (A.1) s
-1 r (1.2) s
41 r (rt) s
16 r (init) s
t-rom.300 @sf
1012 452 p (This) s
10 r (routine) s
7 r (runs) s
c-med.300 @sf
9 r (netstat) s
24 r (-r) s
25 r (-n) s
t-rom.300 @sf
9 r (as) s
10 r 97 c
10 r (subprocess.) s
14 r (This) s
1012 502 p (shows) s
15 r (the) s
14 r (routing) s
12 r (table,) s
15 r (with) s
14 r (the) s
14 r (addresses) s
15 r (listed) s
14 r (numer-) s
1012 552 p (ically) s
-2 r 46 c
19 r (It) s
12 r (gives) s
12 r (up) s
12 r (after) s
12 r 174 c
(nding) s
11 r (500) s
12 r (gateways.) s
20 r (It) s
12 r (skips) s
12 r (the) s
1012 602 p (default) s
8 r (route,) s
8 r (as) s
9 r (well) s
7 r (as) s
9 r (the) s
8 r (loopback) s
7 r (entry) s
-2 r 46 c
12 r (It) s
8 r (checks) s
9 r (for) s
7 r (re-) s
1012 651 p (dundant) s
9 r (entries,) s
11 r (and) s
10 r (checks) s
11 r (to) s
10 r (see) s
11 r (if) s
9 r (this) s
10 r (address) s
10 r (is) s
10 r (already) s
1012 701 p (an) s
9 r (interface) s
9 r (address.) s
14 r (If) s
9 r (not,) s
8 r (it) s
8 r (adds) s
9 r (it) s
7 r (to) s
8 r (the) s
9 r (list) s
7 r (of) s
9 r (gateways.) s
1054 753 p (After) s
8 r (the) s
8 r (gateway) s
9 r (list) s
7 r (is) s
8 r (collected,) s
9 r (it) s
8 r (shuf) s
175 c
(es) s
7 r (it) s
8 r (and) s
8 r (enters) s
1012 803 p (the) s
11 r (addresses) s
11 r (in) s
10 r (the) s
10 r (host) s
9 r (table.) s
t-bol.360 @sf
1012 936 p (A.12) s
51 r (Interlock) s
18 r 114 c
(outines) s
t-rom.300 @sf
1012 1018 p (The) s
10 r (two) s
9 r (routines) s
t-ita.300 @sf
8 r (checkother) s
t-rom.300 @sf
11 r (and) s
t-ita.300 @sf
9 r (othersleep) s
t-rom.300 @sf
10 r (are) s
10 r (at) s
9 r (the) s
9 r (heart) s
1012 1068 p (of) s
9 r (the) s
9 r (excessive) s
11 r (propagation) s
8 r (of) s
8 r (the) s
10 r (virus.) s
12 r (It) s
9 r (is) s
9 r (clear) s
10 r (that) s
9 r (the) s
1012 1118 p (author) s
12 r (intended) s
12 r (for) s
12 r (the) s
12 r (virus) s
12 r (to) s
12 r (detect) s
13 r (that) s
12 r 97 c
13 r (machine) s
13 r (was) s
1012 1168 p (already) s
13 r (infected,) s
14 r (and) s
13 r (if) s
12 r (so) s
12 r (to) s
13 r (skip) s
12 r (it.) s
20 r (The) s
13 r (code) s
14 r (is) s
12 r (actually) s
1012 1217 p (fraught) s
13 r (with) s
13 r (timing) s
13 r 175 c
(aws) s
14 r (and) s
14 r (design) s
14 r (errors) s
14 r (which) s
13 r (lead) s
14 r (it) s
1012 1267 p (to) s
10 r (permit) s
10 r (multipl) s
-1 r 101 c
9 r (infections,) s
9 r (probably) s
9 r (more) s
11 r (often) s
9 r (than) s
10 r (the) s
1012 1317 p (designer) s
10 r (intended) s
cmr7.300 @sf
1307 1303 p (12) s
t-rom.300 @sf
1342 1317 p 46 c
1054 1369 p (An) s
14 r (active) s
14 r (infection) s
13 r (uses) s
14 r (the) s
t-ita.300 @sf
14 r (othersleep) s
t-rom.300 @sf
14 r (routine) s
13 r (for) s
13 r (two) s
1012 1419 p (purposes,) s
9 r 174 c
(rst) s
8 r (to) s
8 r (sleep) s
9 r (so) s
8 r (that) s
8 r (it) s
7 r (doesn') s
116 c
7 r (use) s
9 r (much) s
8 r (processor) s
1012 1469 p (time,) s
17 r (and) s
15 r (second) s
15 r (to) s
15 r (listen) s
14 r (for) s
14 r (requests) s
16 r (from) s
14 r 96 c
-2 r (`incoming') s
-3 r 39 c
1012 1519 p (viruses.) s
13 r (The) s
9 r (virus) s
7 r (which) s
7 r (is) s
8 r (running) s
t-ita.300 @sf
6 r (othersleep) s
t-rom.300 @sf
8 r (is) s
8 r (referred) s
8 r (to) s
1012 1569 p (as) s
10 r (the) s
9 r 96 c
-2 r (`listener) s
1 r 39 c
-3 r 39 c
7 r (and) s
9 r (the) s
9 r (virus) s
9 r (which) s
8 r (is) s
9 r (running) s
t-ita.300 @sf
7 r (checkother) s
t-rom.300 @sf
1012 1618 p (is) s
11 r (referred) s
10 r (to) s
10 r (as) s
11 r (the) s
10 r 96 c
-2 r (`tester) s
2 r 39 c
-3 r ('.) s
t-bol.300 @sf
1012 1742 p (A.12.1) s
42 r (Checkother) s
t-rom.300 @sf
1012 1825 p (The) s
14 r (tester) s
14 r (tries) s
13 r (to) s
12 r (connect) s
14 r (to) s
12 r (port) s
13 r (23357) s
12 r (on) s
13 r (the) s
13 r (local) s
13 r (ma-) s
1012 1875 p (chine) s
9 r (\(using) s
7 r (the) s
8 r (loopback) s
7 r (address,) s
9 r (127.0.0.1\)) s
8 r (to) s
8 r (see) s
9 r (if) s
8 r (it) s
7 r (can) s
1012 1925 p (connect) s
11 r (to) s
11 r 97 c
11 r (listener) s
-1 r 46 c
13 r (If) s
11 r (any) s
11 r (errors) s
10 r (occur) s
11 r (during) s
9 r (this) s
10 r (check,) s
1012 1974 p (the) s
9 r (virus) s
9 r (assumes) s
10 r (that) s
9 r (no) s
9 r (listener) s
8 r (is) s
9 r (present,) s
10 r (and) s
9 r (tries) s
9 r (to) s
8 r (be-) s
1012 2024 p (come) s
12 r 97 c
11 r (listener) s
9 r (itself.) s
1054 2077 p (If) s
8 r (the) s
7 r (connection) s
7 r (is) s
8 r (successful,) s
10 r (the) s
7 r (checker) s
9 r (sends) s
9 r 97 c
8 r (magic) s
1012 2126 p (number) s
cmr7.300 @sf
1139 2112 p (13) s
t-rom.300 @sf
1174 2126 p 44 c
14 r (and) s
12 r (listens) s
12 r (\(for) s
11 r (up) s
12 r (to) s
12 r (300) s
12 r (seconds\)) s
12 r (for) s
12 r 97 c
13 r (magic) s
1012 2176 p (number) s
11 r (from) s
10 r (the) s
10 r (listener) s
cmr7.300 @sf
1425 2162 p (14) s
t-rom.300 @sf
1460 2176 p 46 c
14 r (If) s
10 r (the) s
11 r (magic) s
11 r (number) s
10 r (is) s
10 r (wrong,) s
1012 2226 p (the) s
15 r (checker) s
15 r (assumes) s
16 r (it) s
14 r (is) s
14 r (being) s
14 r (spoofed) s
14 r (and) s
14 r (continues) s
14 r (to) s
1012 2276 p (run.) s
1054 2328 p (The) s
13 r (checker) s
13 r (then) s
11 r (picks) s
12 r 97 c
12 r (random) s
12 r (number) s
-1 r 44 c
12 r (shifts) s
11 r (it) s
11 r (right) s
1012 2378 p (by) s
12 r (three) s
12 r (\(throwing) s
10 r (away) s
13 r (the) s
12 r (lower) s
12 r (three) s
12 r (bits\)) s
11 r (and) s
12 r (sends) s
12 r (it) s
1012 2428 p (to) s
15 r (the) s
15 r (listener) s
-1 r 46 c
26 r (It) s
15 r (expects) s
15 r 97 c
16 r (number) s
15 r (back) s
15 r (within) s
14 r (ten) s
15 r (sec-) s
1012 2478 p (onds,) s
11 r (which) s
10 r (it) s
10 r (adds) s
10 r (to) s
10 r (the) s
10 r (one) s
11 r (sent.) s
15 r (If) s
10 r (this) s
9 r (sum) s
11 r (is) s
10 r (even,) s
12 r (the) s
1012 2520 p 390 2 ru
cmr6.300 @sf
1040 2548 p (12) s
t-rom.240 @sf
1072 2559 p (This) s
9 r (behavior) s
7 r (was) s
8 r (noted) s
8 r (by) s
8 r (both) s
8 r (looking) s
7 r (at) s
9 r (the) s
8 r (code) s
8 r (and) s
7 r (by) s
8 r (creating) s
1012 2598 p 97 c
11 r (testbed) s
9 r (setup,) s
10 r (manually) s
9 r (running) s
9 r 97 c
10 r (program) s
8 r (that) s
11 r (performs) s
9 r (the) s
10 r (checking) s
1012 2638 p (and) s
8 r (listening) s
7 r (functions.) s
cmr6.300 @sf
1040 2666 p (13) s
cmr8.300 @sf
1072 2677 p (874697) s
cmr6.300 @sf
1180 2682 p (16) s
cmmi8.300 @sf
1211 2677 p 59 c
cmr8.300 @sf
5 r (8865431) s
cmr6.300 @sf
1352 2682 p (10) s
cmmi8.300 @sf
1382 2677 p 59 c
cmr8.300 @sf
6 r (0416432) s
-1 r (27) s
cmr6.300 @sf
1559 2682 p 56 c
1040 2706 p (14) s
cmr8.300 @sf
1072 2717 p (148898) s
cmr6.300 @sf
1180 2722 p (16) s
cmmi8.300 @sf
1211 2717 p 59 c
cmr8.300 @sf
5 r (1345688) s
cmr6.300 @sf
1352 2722 p (10) s
cmmi8.300 @sf
1382 2717 p 59 c
cmr8.300 @sf
6 r (0510423) s
-1 r 48 c
cmr6.300 @sf
1541 2722 p 56 c
t-rom.300 @sf
954 2842 p (15) s
@eop
16 @bop0
16 @bop1
t-rom.300 @sf
-36 96 p (sender) s
11 r (increments) s
c-med.300 @sf
12 r (pleasequit) s
t-rom.300 @sf
44 c
12 r (which) s
11 r (\(as) s
12 r (noted) s
11 r (in) s
12 r (sec-) s
-36 146 p (tio) s
-1 r 110 c
8 r (A.3.2\)) s
11 r (does) s
10 r (very) s
11 r (littl) s
-1 r (e.) s
4 196 p (Once) s
14 r (it) s
12 r (has) s
13 r 174 c
(nished) s
12 r (communicating) s
12 r (\(or) s
13 r (failing) s
11 r (to) s
12 r (com-) s
-36 246 p (municate\)) s
9 r (with) s
9 r (the) s
11 r (listener) s
-1 r 44 c
9 r (the) s
10 r (checker) s
12 r (sleeps) s
11 r (for) s
10 r 174 c
(ve) s
11 r (sec-) s
-36 295 p (onds) s
7 r (and) s
10 r (tries) s
9 r (to) s
9 r (become) s
11 r 97 c
10 r (listener) s
-2 r 46 c
12 r (It) s
9 r (creates) s
11 r 97 c
10 r (TCP) s
10 r (stream) s
-36 345 p (socket,) s
11 r (sets) s
11 r (the) s
11 r (socket) s
12 r (options) s
9 r (to) s
11 r (indicate) s
11 r (that) s
10 r (it) s
11 r (should) s
10 r (al-) s
-36 395 p (low) s
9 r (multiple) s
10 r (binds) s
10 r (to) s
10 r (that) s
11 r (address) s
12 r (\(in) s
10 r (case) s
13 r (the) s
11 r (listener) s
t-ita.300 @sf
10 r (still) s
t-rom.300 @sf
-36 445 p (hasn') s
116 c
10 r (exited,) s
13 r (perhaps?\)) s
22 r (and) s
12 r (then) s
12 r (binds) s
12 r (the) s
13 r (socket) s
13 r (to) s
12 r (port) s
-36 495 p (23357) s
-1 r 44 c
11 r (and) s
12 r (listens) s
12 r (on) s
11 r (it) s
12 r (\(permitting) s
10 r 97 c
12 r (backlog) s
12 r (of) s
12 r (up) s
11 r (to) s
12 r (ten) s
-36 544 p (pendin) s
-1 r 103 c
9 r (connections.\)) s
t-bol.300 @sf
-36 652 p (A.12.2) s
40 r (Othersleep) s
t-rom.300 @sf
-36 730 p (The) s
t-ita.300 @sf
14 r (othersleep) s
t-rom.300 @sf
14 r (routine) s
13 r (is) s
14 r (run) s
14 r (when) s
14 r (the) s
15 r (main) s
14 r (body) s
14 r (of) s
14 r (the) s
-36 779 p (viru) s
-1 r 115 c
13 r (wants) s
13 r (to) s
14 r (idle) s
13 r (for) s
13 r 97 c
15 r (period) s
13 r (of) s
13 r (time.) s
25 r (This) s
14 r (was) s
14 r (appar-) s
-36 829 p (ently) s
9 r (intended) s
11 r (to) s
12 r (help) s
11 r (the) s
12 r (virus) s
11 r 96 c
-2 r (`hid) s
-1 r (e') s
-3 r 39 c
10 r (so) s
12 r (that) s
11 r (it) s
11 r (wouldn') s
116 c
-36 879 p (use) s
12 r (enough) s
12 r (processor) s
13 r (time) s
13 r (to) s
12 r (be) s
13 r (noticed.) s
21 r (While) s
13 r (the) s
12 r (main) s
-36 929 p (progr) s
-1 r (am) s
9 r (sleeps,) s
11 r (the) s
10 r (listener) s
10 r (code) s
10 r (waits) s
10 r (to) s
10 r (see) s
11 r (if) s
10 r (any) s
10 r (check-) s
-36 979 p (ers) s
7 r (have) s
8 r (appeared) s
8 r (and) s
8 r (queried) s
7 r (for) s
7 r (the) s
7 r (existence) s
8 r (of) s
7 r 97 c
9 r (listener) s
-1 r 44 c
-36 1028 p (as) s
9 r 97 c
11 r (simple) s
10 r 96 c
-2 r (`background) s
8 r (task') s
-2 r 39 c
9 r (of) s
10 r (the) s
10 r (main) s
11 r (virus.) s
4 1078 p (The) s
13 r (routine) s
12 r 174 c
(rst) s
12 r (checks) s
14 r (to) s
12 r (see) s
13 r (if) s
13 r (it) s
11 r (has) s
13 r (been) s
14 r (set) s
12 r (up) s
13 r (as) s
13 r 97 c
-36 1128 p (list) s
-1 r (ener;) s
7 r (if) s
8 r (not,) s
9 r (it) s
7 r (calls) s
9 r (the) s
8 r (normal) s
t-ita.300 @sf
9 r (sleep) s
t-rom.300 @sf
8 r (function) s
7 r (to) s
8 r (sleep) s
9 r (for) s
-36 1178 p (the) s
9 r (requested) s
10 r (number) s
10 r (of) s
10 r (seconds,) s
11 r (and) s
11 r (returns.) s
4 1228 p (If) s
11 r (it) s
10 r (is) s
11 r (set) s
11 r (up) s
11 r (as) s
12 r 97 c
11 r (listener) s
-1 r 44 c
11 r (it) s
10 r (listens) s
10 r (on) s
11 r (the) s
11 r (checking) s
11 r (port) s
-36 1278 p (with) s
8 r 97 c
11 r (timeout.) s
15 r (If) s
10 r (it) s
10 r (times) s
10 r (out,) s
11 r (it) s
10 r (returns,) s
10 r (otherwise) s
10 r (it) s
10 r (deals) s
-36 1327 p (with) s
5 r (the) s
7 r (connection) s
7 r (and) s
8 r (subtracts) s
7 r (the) s
7 r (elapsed) s
8 r (real) s
8 r (time) s
8 r (from) s
-36 1377 p (the) s
9 r (time) s
10 r (out) s
9 r (value.) s
4 1427 p (The) s
13 r (body) s
12 r (of) s
13 r (the) s
13 r (listener) s
12 r 96 c
-2 r (`accepts') s
-2 r 39 c
11 r (the) s
12 r (connection,) s
14 r (and) s
-36 1477 p (sends) s
8 r 97 c
10 r (magic) s
10 r (number) s
10 r (to) s
9 r (the) s
9 r (checker) s
-1 r 46 c
14 r (It) s
8 r (then) s
10 r (listens) s
8 r (\(for) s
9 r (up) s
-36 1527 p (to) s
7 r (10) s
9 r (seconds\)) s
10 r (for) s
9 r (the) s
9 r (checker) s
2 r 39 c
-1 r 115 c
9 r (magic) s
10 r (number) s
-1 r 44 c
9 r (and) s
10 r (picks) s
9 r 97 c
-36 1576 p (random) s
7 r (number) s
-1 r 46 c
12 r (It) s
8 r (shifts) s
7 r (the) s
8 r (random) s
8 r (number) s
8 r (right) s
7 r (by) s
8 r (three,) s
-36 1626 p (discarding) s
9 r (the) s
10 r (lower) s
11 r (bits,) s
11 r (and) s
11 r (sends) s
11 r (it) s
10 r (up) s
11 r (to) s
10 r (the) s
11 r (checker;) s
12 r (it) s
-36 1676 p (then) s
13 r (listens) s
15 r (\(for) s
15 r (up) s
14 r (to) s
15 r (10) s
15 r (seconds\)) s
16 r (for) s
15 r 97 c
15 r (random) s
16 r (number) s
-36 1726 p (from) s
9 r (the) s
11 r (checker) s
-1 r 46 c
17 r (If) s
11 r (any) s
11 r (of) s
11 r (these) s
11 r (steps) s
11 r (fail,) s
11 r (the) s
11 r (connection) s
-36 1776 p (is) s
9 r (closed) s
10 r (and) s
10 r (the) s
10 r (checker) s
12 r (is) s
10 r (ignored.) s
4 1825 p (Once) s
10 r (the) s
8 r (exchanges) s
10 r (have) s
10 r (occurred,) s
10 r (the) s
8 r (address) s
10 r (of) s
9 r (the) s
8 r (in-) s
-36 1875 p (coming) s
7 r (connection) s
9 r (is) s
9 r (compared) s
10 r (with) s
8 r (the) s
9 r (loopback) s
9 r (address.) s
-36 1925 p (If) s
7 r (it) s
6 r (is) s
7 r (not) s
7 r (from) s
7 r (the) s
7 r (loopback) s
7 r (address,) s
9 r (the) s
8 r (attempt) s
7 r (is) s
7 r (ignored.) s
-36 1975 p (If) s
8 r (it) s
7 r (is,) s
10 r (then) s
8 r (if) s
9 r (the) s
9 r (sum) s
9 r (of) s
8 r (the) s
9 r (exchanged) s
10 r (random) s
9 r (numbers) s
9 r (is) s
-36 2025 p (odd,) s
11 r (the) s
13 r (listener) s
11 r (increments) s
c-med.300 @sf
13 r (pleasequit) s
t-rom.300 @sf
12 r (\(with) s
11 r (littl) s
-1 r 101 c
11 r (ef-) s
-36 2075 p (fect,) s
10 r (as) s
12 r (noted) s
11 r (in) s
10 r (section) s
11 r (A.3.2\)) s
11 r (and) s
11 r (closes) s
12 r (the) s
10 r (listener) s
11 r (con-) s
-36 2124 p (nection.) s
t-bol.420 @sf
-36 2261 p 66 c
56 r (Built) s
23 r (in) s
23 r (dictionary) s
t-rom.300 @sf
-36 2354 p (432) s
8 r (words) s
10 r (were) s
11 r (included:) s
134 2420 p (aaa) s
129 r (academia) s
133 r (aerobics) s
134 2470 p (airplane) s
49 r (albany) s
177 r (albatross) s
134 2519 p (albert) s
88 r (alex) s
219 r (alexander) s
134 2569 p (algebra) s
61 r (aliases) s
178 r (alphabet) s
134 2619 p (ama) s
115 r (amorphous) s
103 r (analog) s
134 2669 p (anchor) s
70 r (andromache) s
86 r (animals) s
134 2719 p (answer) s
66 r (anthropogenic) s
49 r (anvils) s
1171 89 p (anything) s
94 r (aria) s
180 r (ariadne) s
1171 139 p (arrow) s
144 r (arthur) s
142 r (athena) s
1171 189 p (atmosphere) s
50 r (aztecs) s
142 r (azure) s
1171 239 p (bacchus) s
108 r (bailey) s
140 r (banana) s
1171 289 p (bananas) s
108 r (bandit) s
137 r (banks) s
1171 339 p (barber) s
135 r (baritone) s
105 r (bass) s
1171 388 p (bassoon) s
107 r (batman) s
120 r (beater) s
1171 438 p (beauty) s
130 r (beethoven) s
71 r (beloved) s
1171 488 p (benz) s
163 r (beowulf) s
105 r (berkeley) s
1171 538 p (berliner) s
111 r (beryl) s
156 r (beverly) s
1171 588 p (bicameral) s
78 r (bob) s
179 r (brenda) s
1171 637 p (brian) s
155 r (bridget) s
123 r (broadway) s
1171 687 p (bumbling) s
80 r (bur) s
(gess) s
115 r (campanile) s
1171 737 p (cantor) s
137 r (cardinal) s
108 r (carmen) s
1171 787 p (carolina) s
107 r (caroline) s
108 r (cascades) s
1171 837 p (castle) s
147 r (cat) s
194 r (cayuga) s
1171 886 p (celtics) s
135 r (cerulean) s
102 r (change) s
1171 936 p (charles) s
124 r (charming) s
85 r (charon) s
1171 986 p (chester) s
124 r (cigar) s
159 r (classic) s
1171 1036 p (clusters) s
114 r (cof) s
(fee) s
139 r (coke) s
1171 1086 p (collins) s
129 r (commrades) s
52 r (computer) s
1171 1136 p (condo) s
139 r (cookie) s
131 r (cooper) s
1171 1185 p (cornelius) s
88 r (couscous) s
90 r (creation) s
1171 1235 p (creosote) s
103 r (cretin) s
147 r (daemon) s
1171 1285 p (dancer) s
131 r (daniel) s
140 r (danny) s
1171 1335 p (dave) s
163 r (december) s
82 r (defoe) s
1171 1385 p (deluge) s
130 r (desperate) s
86 r (develop) s
1171 1434 p (dieter) s
146 r (digital) s
134 r (discovery) s
1171 1484 p (disney) s
132 r (dog) s
179 r (drought) s
1171 1534 p (duncan) s
121 r (eager) s
153 r (easier) s
1171 1584 p (edges) s
147 r (edinbur) s
(gh) s
72 r (edwin) s
1171 1634 p (edwina) s
121 r (egghead) s
104 r (eiderdown) s
1171 1683 p (eileen) s
142 r (einstein) s
112 r (elephant) s
1171 1733 p (elizabeth) s
91 r (ellen) s
161 r (emerald) s
1171 1783 p (engine) s
130 r (engineer) s
99 r (enterprise) s
1171 1833 p (enzyme) s
113 r (ersatz) s
146 r (establish) s
1171 1883 p (estate) s
147 r (euclid) s
140 r (evelyn) s
1171 1933 p (extension) s
81 r (fairway) s
115 r (felicia) s
1171 1982 p (fender) s
135 r (fermat) s
134 r 174 c
(delity) s
1171 2032 p 174 c
(nite) s
155 r 174 c
(shers) s
134 r 175 c
(akes) s
1171 2082 p 175 c
(oat) s
167 r 175 c
(ower) s
136 r 175 c
(owers) s
1171 2132 p (foolproof) s
82 r (football) s
111 r (foresight) s
1171 2182 p (format) s
130 r (forsythe) s
105 r (fourier) s
1171 2231 p (fred) s
174 r (friend) s
142 r (frighten) s
1171 2281 p (fun) s
185 r (fungible) s
102 r (gabriel) s
1171 2331 p (gardner) s
114 r (gar) s
174 c
(eld) s
115 r (gauss) s
1171 2381 p (geor) s
(ge) s
128 r (gertrude) s
103 r (ginger) s
1171 2431 p (glacier) s
128 r (gnu) s
179 r (golfer) s
1171 2480 p (gor) s
(geous) s
88 r (gor) s
(ges) s
131 r (gosling) s
1171 2530 p (gouge) s
139 r (graham) s
118 r (gryphon) s
1171 2580 p (guest) s
153 r (guitar) s
144 r (gumption) s
1171 2630 p (guntis) s
138 r (hacker) s
132 r (hamlet) s
1171 2680 p (handily) s
115 r (happening) s
68 r (harmony) s
954 2842 p (16) s
@eop
17 @bop0
17 @bop1
t-rom.300 @sf
106 89 p (harold) s
176 r (harvey) s
105 r (hebrides) s
106 139 p (heinlein) s
148 r (hello) s
134 r (help) s
106 189 p (herbert) s
165 r (hiawatha) s
68 r (hibernia) s
106 239 p (honey) s
181 r (horse) s
128 r (horus) s
106 289 p (hutchins) s
141 r (imbroglio) s
52 r (imperial) s
106 339 p (include) s
160 r (ingres) s
116 r (inna) s
106 388 p (innocuous) s
111 r (irishman) s
72 r (isis) s
106 438 p (japan) s
193 r (jessica) s
108 r (jester) s
106 488 p (jixian) s
187 r (johnny) s
101 r (joseph) s
106 538 p (joshua) s
174 r (judith) s
119 r (juggle) s
106 588 p (julia) s
208 r (kathleen) s
77 r (kermit) s
106 637 p (kernel) s
179 r (kirkland) s
78 r (knight) s
106 687 p (ladle) s
202 r (lambda) s
96 r (lamination) s
106 737 p (larkin) s
185 r (larry) s
139 r (lazarus) s
106 787 p (lebesgue) s
138 r (lee) s
170 r (leland) s
106 837 p (leroy) s
197 r (lewis) s
130 r (light) s
106 886 p (lisa) s
225 r (louis) s
136 r (lynne) s
106 936 p (macintosh) s
112 r (mack) s
129 r (maggot) s
106 986 p (magic) s
182 r (malcolm) s
73 r (mark) s
106 1036 p (markus) s
161 r (marty) s
121 r (marvin) s
106 1086 p (master) s
173 r (maurice) s
85 r (mellon) s
106 1136 p (merlin) s
174 r (mets) s
140 r (michael) s
106 1185 p (michelle) s
140 r (mike) s
135 r (minimum) s
106 1235 p (minsky) s
160 r (moguls) s
95 r (moose) s
106 1285 p (morley) s
165 r (mozart) s
103 r (nancy) s
106 1335 p (napoleon) s
130 r (nepenthe) s
68 r (ness) s
106 1385 p (network) s
146 r (newton) s
95 r (next) s
106 1434 p (noxious) s
150 r (nutriti) s
-1 r (on) s
73 r (nyquist) s
106 1484 p (oceanography) s
50 r (ocelot) s
116 r (olivetti) s
106 1534 p (olivia) s
187 r (oracle) s
117 r (orca) s
106 1584 p (orwell) s
176 r (osiris) s
127 r (outlaw) s
106 1634 p (oxford) s
171 r (paci) s
174 c
99 c
108 r (painless) s
106 1683 p (pakistan) s
144 r (pam) s
147 r (papers) s
106 1733 p (password) s
126 r (patricia) s
93 r (penguin) s
106 1783 p (peoria) s
179 r (percolate) s
66 r (persimmon) s
106 1833 p (persona) s
154 r (pete) s
149 r (peter) s
106 1883 p (philip) s
184 r (phoenix) s
83 r (pierre) s
106 1933 p (pizza) s
196 r (plover) s
111 r (plymouth) s
106 1982 p (polynomial) s
92 r (pondering) s
48 r (pork) s
106 2032 p (poster) s
181 r (praise) s
119 r (precious) s
106 2082 p (prelude) s
158 r (prince) s
114 r (princeton) s
106 2132 p (protect) s
167 r (protozoa) s
72 r (pumpkin) s
106 2182 p (puneet) s
172 r (puppet) s
104 r (rabbit) s
106 2231 p (rachmaninof) s
102 c
59 r (rainbow) s
81 r (raindrop) s
106 2281 p (raleigh) s
167 r (random) s
91 r (rascal) s
106 2331 p (really) s
188 r (rebecca) s
93 r (remote) s
106 2381 p (rick) s
218 r (ripple) s
120 r (robotics) s
106 2431 p (rochester) s
131 r (rolex) s
132 r (romano) s
106 2480 p (ronald) s
176 r (rosebud) s
86 r (rosemary) s
106 2530 p (roses) s
198 r (ruben) s
123 r (rules) s
106 2580 p (ruth) s
215 r (sal) s
172 r (saxon) s
106 2630 p (scamper) s
146 r (scheme) s
95 r (scott) s
106 2680 p (scotty) s
183 r (secret) s
122 r (sensor) s
1159 89 p (serenity) s
81 r (sharks) s
162 r (sharon) s
1159 139 p (shef) s
174 c
(eld) s
70 r (sheldon) s
138 r (shiva) s
1159 189 p (shivers) s
95 r (shuttle) s
156 r (signature) s
1159 239 p (simon) s
111 r (simple) s
157 r (singer) s
1159 289 p (single) s
113 r (smile) s
178 r (smiles) s
1159 339 p (smooch) s
84 r (smother) s
134 r (snatch) s
1159 388 p (snoopy) s
92 r (soap) s
192 r (socrates) s
1159 438 p (sossina) s
93 r (sparrows) s
118 r (spit) s
1159 488 p (spring) s
108 r (springer) s
131 r (squires) s
1159 538 p (strangle) s
81 r (stratford) s
126 r (stuttgart) s
1159 588 p (subway) s
86 r (success) s
145 r (summer) s
1159 637 p (super) s
123 r (superstage) s
93 r (support) s
1159 687 p (supported) s
48 r (surfer) s
171 r (suzanne) s
1159 737 p (swearer) s
85 r (symmetry) s
102 r (tangerine) s
1159 787 p (tape) s
144 r (tar) s
(get) s
173 r (tarragon) s
1159 837 p (taylor) s
115 r (telephone) s
106 r (temptation) s
1159 886 p (thailand) s
78 r (tiger) s
191 r (toggle) s
1159 936 p (tomato) s
97 r (topography) s
77 r (tortoise) s
1159 986 p (toyota) s
108 r (trails) s
184 r (trivial) s
1159 1036 p (trombone) s
53 r (tubas) s
180 r (tuttle) s
1159 1086 p (umesh) s
105 r (unhappy) s
124 r (unicorn) s
1159 1136 p (unknown) s
57 r (urchin) s
161 r (utility) s
1159 1185 p (vasant) s
107 r (vertigo) s
149 r (vicky) s
1159 1235 p (village) s
99 r (vir) s
(gini) s
-1 r 97 c
138 r (warren) s
1159 1285 p (water) s
121 r (weenie) s
151 r (whatnot) s
1159 1335 p (whiting) s
84 r (whitney) s
133 r (will) s
1159 1385 p (william) s
85 r (williamsbur) s
103 c
47 r (willie) s
1159 1434 p (winston) s
80 r (wisconsin) s
101 r (wizard) s
1159 1484 p (wombat) s
79 r (woodwind) s
91 r (wormwood) s
1159 1534 p (yacov) s
114 r (yang) s
187 r (yellowstone) s
1159 1584 p (yosemite) s
63 r (zap) s
211 r (zimmerman) s
t-bol.420 @sf
1012 1717 p (Refer) s
(ences) s
t-rom.300 @sf
1033 1812 p ([1]) s
20 r (R.) s
10 r (Hinden,) s
9 r (J.) s
10 r (Haverty) s
-2 r 44 c
9 r (and) s
9 r (A.) s
10 r (Sheltzer) s
-1 r 44 c
9 r 96 c
-2 r (`The) s
9 r (DARP) s
-3 r 65 c
1102 1862 p (Internet:) s
30 r (Interconnecting) s
17 r (Heterogeneous) s
19 r (Computer) s
1102 1912 p (Networks) s
16 r (with) s
16 r (Gateways,') s
-2 r 39 c
t-ita.300 @sf
18 r (IEEE) s
17 r (Computer) s
16 r (Maga-) s
1102 1962 p (zine) s
t-rom.300 @sf
44 c
11 r (vol.) s
10 r (16,) s
10 r (num.) s
11 r (9,) s
10 r (pp.) s
10 r (38) s
177 c
(48,) s
10 r (September) s
11 r (1983.) s
1033 2051 p ([2]) s
20 r (J.) s
14 r (S.) s
14 r (Quarterman) s
13 r (and) s
13 r (J.) s
13 r (C.) s
14 r (Hoskins,) s
13 r 96 c
-2 r (`Notabl) s
-1 r 101 c
12 r (Com-) s
1102 2101 p (puter) s
18 r (Networks,') s
-2 r 39 c
18 r (in) s
t-ita.300 @sf
17 r (Communicati) s
-1 r (ons) s
16 r (of) s
17 r (the) s
17 r (ACM) s
t-rom.300 @sf
44 c
1102 2151 p (vol.) s
10 r (29,) s
10 r (num.) s
11 r (10,) s
10 r (pp.) s
11 r (932) s
177 c
(971,) s
9 r (October) s
10 r (1986.) s
1033 2240 p ([3]) s
20 r (S.) s
11 r (E.) s
10 r (Luria,) s
10 r (S.) s
11 r (J.) s
10 r (Gould,) s
9 r (and) s
10 r (S.) s
10 r (Singer) s
-1 r 44 c
t-ita.300 @sf
9 r 65 c
11 r 86 c
-2 r (iew) s
8 r (of) s
9 r (Life) s
t-rom.300 @sf
46 c
1102 2290 p (Menlo) s
16 r (Park,) s
19 r (California:) s
23 r (Benjamin/Cummings) s
15 r (Pub-) s
1102 2339 p (lishing) s
9 r (Company) s
-2 r 44 c
9 r (Inc.,) s
11 r (1981.) s
1033 2429 p ([4]) s
20 r (J.) s
22 r 87 c
-2 r (atson) s
t-ita.300 @sf
19 r (et) s
21 r (al.) s
t-rom.300 @sf
44 c
t-ita.300 @sf
23 r (Molecular) s
20 r (Biology) s
20 r (of) s
20 r (the) s
20 r (Gene) s
t-rom.300 @sf
46 c
1102 2478 p (Menlo) s
16 r (Park,) s
19 r (California:) s
23 r (Benjamin/Cummings) s
15 r (Pub-) s
1102 2528 p (lishing) s
9 r (Company) s
-2 r 44 c
9 r (Inc.,) s
11 r (1987.) s
1033 2617 p ([5]) s
20 r (G.) s
11 r (G.) s
10 r (Simpson) s
9 r (and) s
10 r 87 c
-3 r 46 c
10 r (S.) s
11 r (Beck,) s
t-ita.300 @sf
10 r (Life:) s
13 r (An) s
10 r (Intr) s
-1 r (oduction) s
1102 2667 p (to) s
13 r (Biology) s
t-rom.300 @sf
46 c
27 r (New) s
14 r 89 c
-3 r (ork,) s
13 r (New) s
14 r 89 c
-3 r (ork:) s
18 r (Harcourt,) s
15 r (Brace) s
1102 2717 p (and) s
11 r 87 c
-2 r (ard,) s
9 r (Inc.,) s
11 r (1965.) s
954 2842 p (17) s
@eop
18 @bop0
18 @bop1
t-rom.300 @sf
-16 96 p ([6]) s
19 r (L.) s
25 r (Castro) s
t-ita.300 @sf
24 r (et) s
24 r (al.) s
t-rom.300 @sf
44 c
28 r 96 c
-2 r (`Post) s
22 r (Mortem) s
24 r (of) s
24 r 51 c
24 r (November) s
52 146 p (ARP) s
-3 r (ANET/MILNET) s
25 r (Attack.') s
-2 r 39 c
24 r (National) s
23 r (Computer) s
52 196 p (Security) s
10 r (Center) s
-1 r 44 c
10 r (Ft.) s
10 r (Meade) s
12 r (MD,) s
10 r 56 c
10 r (November) s
11 r (1988.) s
-16 276 p ([7]) s
19 r 80 c
-4 r 46 c
10 r (J.) s
11 r (Denning,) s
10 r 96 c
-2 r (`Comput) s
-1 r (er) s
9 r 86 c
-1 r (ir) s
-1 r (uses,') s
-2 r 39 c
t-ita.300 @sf
8 r (American) s
11 r (Scien-) s
52 326 p (tist) s
t-rom.300 @sf
44 c
10 r (vol.) s
10 r (766,) s
10 r (pp.) s
10 r (236) s
177 c
(238,) s
9 r (May-June) s
10 r (1988.) s
-16 406 p ([8]) s
19 r (D.) s
9 r (Seeley) s
-2 r 44 c
9 r 96 c
-2 r (`A) s
6 r 84 c
-2 r (our) s
7 r (of) s
8 r (the) s
8 r 87 c
-2 r (orm,') s
-2 r 39 c
6 r (in) s
t-ita.300 @sf
7 r (USENIX) s
8 r (Associ-) s
52 456 p (ation) s
10 r 87 c
-1 r (i) s
-1 r (nter) s
9 r (Confer) s
-1 r (ence) s
11 r (1989) s
10 r (Pr) s
-1 r (oceedings) s
t-rom.300 @sf
44 c
11 r (pp.) s
10 r (287) s
177 c
52 506 p (304,) s
10 r (January) s
11 r (1989.) s
-16 587 p ([9]) s
19 r (E.) s
18 r (H.) s
17 r (Spaf) s
(ford,) s
17 r 96 c
-2 r (`The) s
16 r (Internet) s
15 r 87 c
-2 r (orm) s
16 r (Program:) s
26 r (An) s
52 636 p (Analysis,') s
-2 r 39 c
t-ita.300 @sf
9 r (ACM) s
10 r (SIGCOM) s
t-rom.300 @sf
44 c
10 r (vol.) s
9 r (19,) s
11 r (January) s
10 r (1989.) s
-36 717 p ([10]) s
18 r (K.) s
22 r (Harrenstien,) s
24 r 96 c
-2 r (`NAME/FINGER) s
20 r (Protocol) s
20 r (Proto-) s
52 767 p (col,') s
-2 r 39 c
8 r (Request) s
7 r (For) s
8 r (Comments) s
8 r (NIC/RFC) s
6 r (742,) s
8 r (Network) s
52 816 p 87 c
-2 r (orking) s
8 r (Group,) s
10 r (USC) s
10 r (ISI,) s
10 r (Novemeber) s
11 r (1977.) s
-35 897 p ([1) s
-1 r (1]) s
18 r (J.) s
12 r (Markof) s
(f,) s
10 r 96 c
-2 r (`Computer) s
9 r (Snarl:) s
15 r 65 c
11 r (`Back) s
11 r (Door) s
2 r 39 c
10 r (Ajar,') s
-2 r 39 c
t-ita.300 @sf
52 947 p (New) s
11 r 89 c
-3 r (ork) s
10 r 84 c
-1 r (imes) s
t-rom.300 @sf
44 c
9 r (p.) s
11 r (B10,) s
10 r 55 c
10 r (November) s
10 r (1988.) s
-36 1027 p ([12]) s
18 r (J.) s
17 r (B.) s
16 r (Postel,) s
17 r 96 c
-2 r (`Simpl) s
-1 r 101 c
15 r (Mail) s
15 r 84 c
(ransfer) s
15 r (Protocol,') s
-2 r 39 c
15 r (Re-) s
52 1077 p (quest) s
13 r (For) s
12 r (Comments) s
12 r (NIC/RFC) s
11 r (821,) s
13 r (Network) s
11 r 87 c
-2 r (ork-) s
52 1127 p (ing) s
10 r (Group,) s
10 r (USC) s
10 r (ISI,) s
10 r (August) s
10 r (1982.) s
-36 1207 p ([13]) s
18 r (S.) s
16 r (Bellovin,) s
16 r 96 c
-2 r (`The) s
14 r (worm) s
16 r (and) s
15 r (the) s
15 r (debug) s
15 r (option,') s
-2 r 39 c
14 r (in) s
t-ita.300 @sf
52 1257 p (Forum) s
13 r (on) s
13 r (Risks) s
14 r (to) s
12 r (the) s
13 r (Public) s
12 r (in) s
12 r (Computers) s
13 r (and) s
12 r (Re-) s
52 1307 p (lated) s
13 r (Systems) s
t-rom.300 @sf
44 c
15 r (vol.) s
12 r (7,) s
15 r (num.) s
13 r (74,) s
14 r (ACM) s
13 r (Committee) s
13 r (on) s
52 1357 p (Computers) s
10 r (and) s
10 r (Public) s
10 r (Policy) s
-2 r 44 c
9 r (10) s
10 r (November) s
10 r (1988.) s
-36 1437 p ([14]) s
18 r (J.) s
8 r (Collyer) s
-1 r 44 c
6 r 96 c
-2 r (`Risks) s
6 r (of) s
7 r (unchecked) s
7 r (input) s
6 r (in) s
7 r 67 c
7 r (programs,') s
-2 r 39 c
52 1487 p (in) s
t-ita.300 @sf
8 r (Forum) s
9 r (on) s
8 r (Risks) s
9 r (to) s
8 r (the) s
8 r (Public) s
8 r (in) s
7 r (Computers) s
8 r (and) s
8 r (Re-) s
52 1537 p (lated) s
13 r (Systems) s
t-rom.300 @sf
44 c
15 r (vol.) s
12 r (7,) s
15 r (num.) s
13 r (74,) s
14 r (ACM) s
13 r (Committee) s
13 r (on) s
52 1587 p (Computers) s
10 r (and) s
10 r (Public) s
10 r (Policy) s
-2 r 44 c
9 r (10) s
10 r (November) s
10 r (1988.) s
-36 1667 p ([15]) s
18 r (J.) s
9 r (Saltzer) s
9 r (and) s
8 r (M.) s
9 r (Schroeder) s
-1 r 44 c
9 r 96 c
-2 r (`The) s
8 r (Protection) s
7 r (of) s
8 r (Infor-) s
52 1717 p (mation) s
7 r (in) s
7 r (Computer) s
7 r (Systems,') s
-2 r 39 c
7 r (in) s
t-ita.300 @sf
7 r (Pr) s
-1 r (oc.) s
8 r (IEEE) s
t-rom.300 @sf
44 c
9 r (vol.) s
7 r (63,) s
52 1767 p (num.) s
11 r (9,) s
10 r (pp.) s
11 r (1278) s
177 c
(1308,) s
8 r (IEEE,) s
12 r (September) s
11 r (1975.) s
-36 1847 p ([16]) s
18 r (J.) s
10 r (Steiner) s
-1 r 44 c
9 r (C.) s
10 r (Neuman,) s
10 r (and) s
10 r (J.) s
10 r (Schiller) s
-1 r 44 c
8 r 96 c
-2 r (`Kerberos:) s
12 r (An) s
52 1897 p (Authentication) s
10 r (Service) s
11 r (for) s
11 r (Open) s
12 r (Network) s
10 r (Systems,') s
-2 r 39 c
52 1947 p (in) s
t-ita.300 @sf
9 r (USENIX) s
10 r (Association) s
8 r 87 c
-1 r (inter) s
8 r (Confer) s
-1 r (ence) s
9 r (1988) s
9 r (Pr) s
-1 r (o-) s
52 1997 p (ceedings) s
t-rom.300 @sf
44 c
11 r (pp.) s
11 r (191) s
177 c
(202,) s
9 r (February) s
10 r (1988.) s
-36 2077 p ([17]) s
18 r (M.) s
16 r (R.) s
15 r (Horton,) s
16 r 96 c
-2 r (`How) s
13 r (to) s
15 r (Read) s
15 r (the) s
15 r (Network) s
15 r (News,') s
-2 r 39 c
t-ita.300 @sf
52 2127 p (UNIX) s
11 r (User) s
2 r 39 c
-4 r 115 c
9 r (Supplementary) s
9 r (Documents) s
t-rom.300 @sf
44 c
11 r (April) s
9 r (1986.) s
-36 2207 p ([18]) s
18 r 80 c
-4 r 46 c
21 r (Mockapetris,) s
22 r 96 c
-2 r (`Domain) s
19 r (Names) s
22 r 45 c
20 r (Concepts) s
20 r (And) s
52 2257 p (Facilities,') s
-2 r 39 c
14 r (Request) s
14 r (For) s
13 r (Comments) s
14 r (NIC/RFC) s
13 r (1034,) s
52 2307 p (Network) s
10 r 87 c
-2 r (orking) s
8 r (Group,) s
9 r (USC) s
11 r (ISI,) s
10 r (November) s
11 r (1987.) s
-36 2387 p ([19]) s
18 r (J.) s
11 r (Mogul) s
9 r (and) s
10 r (J.) s
11 r (B.) s
10 r (Postel,) s
10 r 96 c
-2 r (`Internet) s
8 r (Standard) s
9 r (Subnet-) s
52 2437 p (ting) s
16 r (Procedure,') s
-2 r 39 c
17 r (Request) s
16 r (For) s
17 r (Comments) s
16 r (NIC/RFC) s
52 2487 p (950,) s
8 r (Network) s
6 r 87 c
-2 r (orking) s
5 r (Group,) s
7 r (USC) s
7 r (ISI,) s
7 r (August) s
6 r (1985.) s
-36 2568 p ([20]) s
18 r (G.) s
19 r (Spaf) s
(ford,) s
20 r 96 c
-2 r (`A) s
17 r (cure!!!!!,') s
-2 r 39 c
19 r (in) s
t-ita.300 @sf
18 r (Forum) s
19 r (on) s
18 r (Risks) s
19 r (to) s
52 2617 p (the) s
11 r (Public) s
10 r (in) s
10 r (Computers) s
10 r (and) s
10 r (Related) s
11 r (Systems) s
t-rom.300 @sf
44 c
11 r (vol.) s
10 r (7,) s
52 2667 p (num.) s
12 r (70,) s
12 r (ACM) s
11 r (Committee) s
10 r (on) s
11 r (Computers) s
11 r (and) s
11 r (Public) s
52 2717 p (Policy) s
-2 r 44 c
10 r 51 c
10 r (November) s
10 r (1988.) s
1012 96 p ([21]) s
20 r (R.) s
11 r 87 c
-3 r 46 c
9 r (Baldwin,) s
t-ita.300 @sf
10 r (Rule) s
10 r (Based) s
10 r (Analysis) s
10 r (of) s
9 r (Computer) s
9 r (Se-) s
1102 146 p (curity) s
t-rom.300 @sf
46 c
16 r (PhD) s
10 r (thesis,) s
10 r (MIT) s
11 r (EE,) s
11 r (June) s
10 r (1987.) s
1012 229 p ([22]) s
20 r (G.) s
19 r (Spaf) s
(ford,) s
20 r 96 c
-2 r (`A) s
17 r (worm) s
18 r 96 c
-2 r (`condom') s
-3 r (',') s
-3 r 39 c
19 r (in) s
t-ita.300 @sf
17 r (Forum) s
19 r (on) s
1102 279 p (Risks) s
9 r (to) s
6 r (the) s
8 r (Public) s
7 r (in) s
7 r (Computers) s
6 r (and) s
7 r (Related) s
8 r (Systems) s
t-rom.300 @sf
44 c
1102 329 p (vol.) s
11 r (7,) s
12 r (num.) s
12 r (70,) s
11 r (ACM) s
11 r (Committee) s
11 r (on) s
11 r (Computers) s
11 r (and) s
1102 378 p (Public) s
10 r (Policy) s
-2 r 44 c
9 r 51 c
10 r (November) s
11 r (1988.) s
954 2842 p (18) s
@eop
@end