DataMuseum.dk presents historical artifacts from the history of: DKUUG/EUUG Conference tapes
Length: 387578 (0x5e9fa) Types: TextFile Notes: Uncompressed file
└─⟦4f9d7c866⟧ Bits:30007245 EUUGD6: Sikkerheds distributionen └─⟦e00e59648⟧ »./worm/mit-viru.ps.Z« └─⟦this⟧
With Microscope and Tweezers:
An Analysis of the Internet Virus of November 1988*

Mark W. Eichin and Jon A. Rochlis
Massachusetts Institute of Technology
77 Massachusetts Avenue, E40-311
Cambridge, MA 02139

February 9, 1989

Abstract

In early November 1988 the Internet, a collection of networks consisting of 60,000 host computers implementing the TCP/IP protocol suite, was attacked by a virus, a program which broke into computers on the network and which spread from one machine to another. This paper is a detailed analysis of the virus program itself, as well as the reactions of the besieged Internet community. We discuss the structure of the actual program, as well as the strategies the virus used to reproduce itself. We present the chronology of events as seen by our team at MIT, one of a handful of groups around the country working to take apart the virus, in an attempt to discover its secrets and to learn the network's vulnerabilities. We describe the lessons that this incident has taught the Internet community and topics for future consideration and resolution. A detailed routine by routine description of the virus program including the contents of its built in dictionary is provided.

1 Introduction

The Internet[1][2], a collection of interconnected networks linking approximately 60,000 computers, was attacked by a virus program on 2 November 1988. The Internet community is comprised of academic, corporate, and government research users, all seeking to exchange information to enhance their research efforts.

The virus broke into Berkeley Standard Distribution (BSD) UNIX¹ and derivative systems. Once resident in a computer, it attempted to break into other machines on the network. This paper is an analysis of that virus program and of the reaction of the Internet community to the attack.

1.1 Organization

In Section 1 we discuss the categorization of the program which attacked the Internet, the goals of the teams working on isolating the virus and the methods they employed, and summarize what the virus did and did not actually do. In Section 2 we discuss in more detail the strategies it employed, the specific attacks it used, and the effective and ineffective defenses proposed by the community. Section 3 is a detailed presentation of the chronology of the virus. It describes how our group at MIT found out and reacted to the crisis, and relates the experiences and actions of select other groups throughout the country, especially as they interacted with our group. Once the crisis had passed, the Internet community had time not only to explore the vulnerabilities which had allowed the attack to succeed, but also to consider how future attacks could be prevented. Section 4 presents our views on the lessons learned and problems to be faced in the future. In Section 5 we acknowledge the people on our team and the people at other sites who aided us in the effort to understand the virus.

We present a subroutine by subroutine description of the virus program itself in Appendix A, including a diagram of the information flow through the routines which comprise the "cracking engine". Appendix B contains a list of the words included in the built-in dictionary carried by the virus. Finally in Appendix C we provide an alphabetized list of all the people mentioned in this paper, their affiliations, and their network mail addresses.

* Copyright © 1988 Massachusetts Institute of Technology. A version of this paper will be presented at the 1989 IEEE Symposium on Research in Security and Privacy.

¹ UNIX is a trademark of AT&T. DEC, VAX, and Ultrix are trademarks of Digital Equipment Corporation. Sun, SunOS, and NFS are trademarks of Sun Microsystems, Inc. IBM is a trademark of International Business Machines, Inc.

1.2 A Rose by Any Other Name

The question of how to classify the program which infected the Internet has received a fair amount of attention. Was it a "virus" or "worm"; or was it something else?

There is confusion about the term "virus." To a biologist a virus is an agent of infection which can only grow and reproduce within a host cell. A lytic virus enters a cell and uses the cell's own metabolic machinery to replicate. The newly created viruses (more appropriately called "virions") break out of the infected cell, destroying it, and then seek out new cells to infect. A lysogenetic virus, on the other hand, alters the genetic material of its host cells. When the host cell reproduces it unwittingly reproduces the viral genes. At some point in the future, the viral genes are activated and many virions are produced by the cell. These proceed to break out of the cell and seek out other cells to infect[3]. Some single strand DNA viruses do not kill the host cell; they use the machinery of the host cell to reproduce (perhaps slowing normal cellular growth by diverting resources) and exit the cells in a non-destructive manner[4].

A "worm" is an organism with an elongated segmented body. Because of the shape of their bodies worms can snake around obstacles and work their way into unexpected places. Some worms, for example the tapeworm, are parasites. They live inside of a host organism, feeding directly from nutrients intended for host cells. These worms reproduce by shedding one of their segments which contains many eggs. They have difficulty in reaching new hosts, since they usually leave an infected host through its excretory system and may not readily come into contact with another host[5].

In deciding which term fits the program which infected the Internet, we must decide which part of the system is analogous to the "host". Possibilities include the network, host computers, programs, and processes. We must also consider the actions of the program and its structure.

Viewing the network layer as the "host" is not fruitful; the network was not attacked, specific hosts on the network were. The infection never spread beyond the Internet even though there were gateways to other types of networks. One could view the infection as a worm, which "wiggled" throughout the network. But as Beckman points out[6] the program didn't have connected "segments" in any sense. Thus it can't be a worm.

A model showing the computers as the "host" is more promising. The infection of 2 November entered the hosts, reproduced, and exited in search of new hosts to infect. Some people might argue that since the host was not destroyed in this process, the infecting program was more like a worm than a virus. But, as mentioned earlier, not all viruses destroy their host cells. Denning [7] defines a computer worm as a program which enters a workstation and disables it. In that sense the infection could be considered a worm, but we reject this definition. The infected computers were affected but not all were "disabled". There is also no analog to the segments of a biological worm.

Denning has described how many personal computer programs have been infected by viral programs[7]. These are frequently analogous to lysogenetic viruses because they modify the actual program code as stored in the computer's secondary storage. As the infected programs are copied from computer to computer through normal software distribution, the viral code is also copied. At some point the viral code may activate and perform some action such as deleting files or displaying a message. Applying this definition of a virus while viewing programs as "hosts" does not work for the Internet infection, since the virus neither attacked nor modified programs in any way.

If, however, processes are viewed as "hosts", then the Internet infection can clearly be considered a viral infection. The virus entered hosts through a daemon process, tricking that process into creating a viral process, which would then attempt to reproduce. In only one case, the finger attack, was the daemon process actually changed; but as we noted above only lysogenetic viruses actually change their host's genetic material.

Denning defines a bacterium as a program which replicates itself and feeds off the host's computational resources. While this seems to describe the program which infected the Internet, it is an awkward and vague description which doesn't seem to convey the nature of the infection at all.

Thus we have chosen to call the program which infected the Internet a virus. We feel it is accurate and descriptive.

1.3 Goals and Targets

The program that attacked many Internet hosts was itself attacked by teams of programmers around the country. The goal of these teams was to find out all the inner workings of the virus. This included not just understanding how to stop further attacks, but also understanding whether any permanent damage had been done, including destruction or alteration of data during the actual infection, or possible "time bombs" left for later execution.

There were several steps in achieving these goals, including:

• isolating a specimen of the virus in a form which could be analyzed.

• "decompiling" the virus, into a form that could be shown to reduce to the executable of the real thing, so that the higher level version could be interpreted.

• analyzing the strategies used by the virus, and the elements of its design, in order to find weaknesses and methods of defeating it.
s 1054 2667 p (The) s 16 r 174 c (rst) s 15 r (two) s 14 r (steps) s 16 r (were) s 16 r (completed) s 15 r (by) s 15 r (the) s 15 r (morning) s 14 r (of) s 1012 2717 p 52 c 15 r (November) s 15 r (1988.) s 26 r (Enough) s 14 r (of) s 14 r (the) s 14 r (third) s 13 r (was) s 15 r (complete) s 15 r (to) s 965 2842 p 50 c @eop 3 @bop0 /Courier /c-med.300 ReEncodeForTeX /c-med.300 /c-med.300 41.511000 TeXPSmakefont def cmr7.300 @sf [<FFE0FFE07FE0307018300C300E000700038001C001E000F000F070F0F8F0F9E0FBE07FC01F00> 12 19 -2 0 17] 50 @dc cmr6.300 @sf [<FFC0FFC07FC0306018600E000700038001C001E000E0E0E0E1E0C3C07F801F00> 11 16 -1 0 15] 50 @dc 3 @bop1 t-rom.300 @sf -36 96 p (determine) s 13 r (that) s 14 r (the) s 14 r (virus) s 14 r (was) s 15 r (harmless,) s 17 r (but) s 13 r (there) s 15 r (were) s 15 r (no) s -36 146 p (clues) s 12 r (to) s 12 r (the) s 12 r (higher) s 12 r (level) s 13 r (issues,) s 14 r (such) s 12 r (as) s 14 r (the) s 12 r (reason) s 14 r (for) s 12 r (the) s -36 196 p (viru) s -1 r (s') s 9 r (rapid) s 9 r (spread.) s 4 246 p (Once) s 12 r (the) s 12 r (decompiled) s 11 r (code) s 12 r (existed,) s 12 r (and) s 11 r (the) s 11 r (threat) s 12 r (of) s 11 r (the) s -36 296 p (viru) s -1 r 115 c 12 r (known) s 13 r (to) s 13 r (be) s 13 r (minimal,) s 15 r (it) s 12 r (was) s 15 r (clear) s 14 r (to) s 13 r (the) s 13 r (MIT) s 14 r (team) s -36 345 p (and) s 14 r (those) s 16 r (at) s 15 r (Berkeley) s 16 r (that) s 15 r (the) s 15 r (code) s 16 r (should) s 15 r (be) s 16 r (protected.) 
s -36 395 p 87 c -2 r 101 c 11 r (understood) s 13 r (that) s 12 r (the) s 14 r (knowledge) s 13 r (required) s 13 r (to) s 12 r (write) s 13 r (such) s -36 445 p 97 c 11 r (progr) s -1 r (am) s 10 r (could) s 10 r (not) s 9 r (be) s 11 r (kept) s 10 r (secret,) s 12 r (but) s 10 r (felt) s 10 r (that) s 10 r (if) s 10 r (the) s 10 r (code) s -36 495 p (were) s 12 r (publicly) s 10 r (available,) s 14 r (someone) s 13 r (could) s 12 r (too) s 11 r (easily) s 13 r (modify) s -36 545 p (it) s 12 r (and) s 11 r (release) s 15 r 97 c 13 r (damaging) s 13 r (mutated) s 12 r (strain.) s 22 r (If) s 12 r (this) s 12 r (occurred) s -36 594 p (before) s 7 r (many) s 8 r (hosts) s 8 r (had) s 8 r (removed) s 8 r (the) s 8 r (bugs) s 8 r (which) s 7 r (allowed) s 8 r (the) s -36 644 p (penetratio) s -1 r 110 c 8 r (in) s 9 r (the) s 9 r 174 c (rst) s 10 r (place,) s 10 r (much) s 10 r (damage) s 11 r (would) s 9 r (be) s 9 r (done.) s 4 694 p (There) s 11 r (was) s 11 r (also) s 10 r 97 c 10 r (clear) s 11 r (need) s 10 r (to) s 10 r (explain) s 9 r (to) s 10 r (the) s 9 r (community) s -36 744 p (what) s 7 r (the) s 9 r (virus) s 8 r (was) s 9 r (and) s 9 r (how) s 9 r (it) s 8 r (worked.) s 13 r (This) s 9 r (information,) s 7 r (in) s -36 794 p (the) s 8 r (form) s 9 r (of) s 9 r (this) s 8 r (report,) s 9 r (can) s 10 r (actually) s 9 r (be) s t-ita.300 @sf 10 r (mor) s -1 r 101 c t-rom.300 @sf 9 r (useful) s 9 r (to) s 9 r (inter-) s -36 844 p (ested) s 7 r (people) s 8 r (than) s 7 r (the) s 8 r (source) s 9 r (code) s 8 r (could) s 7 r (be,) s 10 r (since) s 8 r (it) s 7 r (includes) s -36 893 p (discussion) s 6 r (of) s 8 r (the) s 8 r (side) s 8 r (ef) s (fects) s 8 r (and) s 8 r (results) s 8 r (of) s 8 r (the) s 8 r (code,) s 9 r (as) s 9 r (well) s -36 943 p (as) s 7 r 175 c (aws) s 8 r (in) s 7 r (it,) s 8 r (rather) s 8 r (than) s 7 r (merely) s 8 r (listing) s 6 r (the) s 7 r (code) s 8 r (line) s 8 r (by) s 7 r (line.) 
s -36 993 p (Conv) s -1 r (ersely) s -2 r 44 c 6 r (there) s 8 r (are) s 8 r (people) s 7 r (interested) s 7 r (in) s 7 r (the) s 8 r (intricate) s 6 r (detail) s -36 1043 p (of) s 7 r (how) s 8 r (and) s 9 r (why) s 9 r (certain) s 9 r (routines) s 7 r (were) s 10 r (used;) s 9 r (there) s 9 r (should) s 7 r (be) s -36 1093 p (enough) s 6 r (detail) s 7 r (here) s 8 r (to) s 7 r (satisfy) s 7 r (them) s 8 r (as) s 9 r (well.) s 13 r (Readers) s 8 r (will) s 7 r (also) s -36 1143 p 174 c (nd) s 8 r (Seely[) s 56 c 93 c 10 r (and) s 11 r (Spaf) s (ford') s -2 r (s[) s 57 c -2 r 93 c 10 r (papers) s 10 r (interesting.) s t-bol.360 @sf -36 1262 p (1.4) s 49 r (Major) s 18 r (Points) s t-rom.300 @sf -36 1340 p (This) s 13 r (section) s 15 r (provides) s 14 r (an) s 16 r (outline) s 13 r (of) s 15 r (the) s 15 r (how) s 15 r (the) s 14 r (virus) s 15 r (at-) s -36 1390 p (tacked) s 11 r (and) s 13 r (who) s 12 r (it) s 12 r (attacked.) s 21 r (It) s 12 r (also) s 13 r (lists) s 11 r (several) s 14 r (things) s 11 r (the) s -36 1440 p (viru) s -1 r 115 c 11 r (did) s 11 r (not) s 12 r (do,) s 13 r (but) s 11 r (which) s 12 r (many) s 12 r (people) s 13 r (seem) s 13 r (to) s 12 r (have) s 13 r (at-) s -36 1490 p (trib) s -1 r (ut) s -1 r (ed) s 14 r (to) s 14 r (the) s 15 r (virus.) s 28 r (All) s 14 r (of) s 15 r (the) s 14 r (following) s 13 r (points) s 14 r (are) s 15 r (de-) s -36 1540 p (scribed) s 9 r (in) s 9 r (more) s 11 r (detail) s 10 r (in) s 9 r (Section) s 10 r (2.) 
s t-bol.300 @sf -36 1651 p (1.4.1) s 40 r (How) s 16 r (it) s 15 r (enter) s (ed) s cmsy10.300 @sf 4 1729 p 15 c t-rom.300 @sf 21 r (sendmail) s 8 r (\(needed) s 9 r (debug) s 8 r (mode,) s 10 r (as) s 9 r (in) s 8 r (SunOS) s 9 r (binary) s 7 r (re-) s 46 1779 p (leases\)) s cmsy10.300 @sf 4 1828 p 15 c 21 r t-rom.300 @sf 174 c (nger[) s (10) s -1 r 93 c 10 r (\(only) s 9 r 86 c -4 r (AX) s 9 r (hosts) s 10 r (were) s 11 r (victims\)) s cmsy10.300 @sf 4 1878 p 15 c t-rom.300 @sf 21 r (remote) s 10 r (execution) s 10 r (system,) s 11 r (using) s cmsy10.300 @sf 95 1928 p 15 c t-rom.300 @sf 21 r (rexec) s cmsy10.300 @sf 95 1978 p 15 c t-rom.300 @sf 21 r (rsh) s t-bol.300 @sf -36 2089 p (1.4.2) s 40 r (Who) s 15 r (it) s 16 r (attacked) s cmsy10.300 @sf 4 2167 p 15 c t-rom.300 @sf 21 r (accounts) s 10 r (with) s 9 r (obvious) s 9 r (passwords,) s 11 r (such) s 10 r (as) s cmsy10.300 @sf 95 2217 p 15 c t-rom.300 @sf 21 r (none) s 10 r (at) s 10 r (all) s cmsy10.300 @sf 95 2267 p 15 c t-rom.300 @sf 21 r (the) s 10 r (user) s 10 r (name) s cmsy10.300 @sf 95 2317 p 15 c t-rom.300 @sf 21 r (the) s 10 r (user) s 10 r (name) s 12 r (appended) s 10 r (to) s 10 r (itself) s cmsy10.300 @sf 95 2366 p 15 c t-rom.300 @sf 21 r (the) s 10 r 96 c -2 r (`nickname') s -2 r 39 c cmsy10.300 @sf 95 2416 p 15 c t-rom.300 @sf 21 r (the) s 10 r (last) s 10 r (name) s cmsy10.300 @sf 95 2466 p 15 c t-rom.300 @sf 21 r (the) s 10 r (last) s 10 r (name) s 11 r (spelled) s 10 r (backwards) s cmsy10.300 @sf 4 2516 p 15 c t-rom.300 @sf 21 r (accounts) s 8 r (with) s 7 r (passwords) s 8 r (in) s 8 r 97 c 9 r (432) s 7 r (word) s 8 r (dictionary) s 7 r (\(see) s 46 2566 p (Appendix) s 9 r (B\)) s cmsy10.300 @sf 4 2615 p 15 c t-rom.300 @sf 21 r (accounts) s 10 r (with) s 9 r (passwords) s 11 r (in) s c-med.300 @sf 9 r (/usr/dict/words) s cmsy10.300 @sf 4 2665 p 15 c t-rom.300 @sf 21 r (accounts) s 31 r (which) s 31 r (trusted) s 31 r (other) s 30 r (machines) s 33 r (via) s 31 r (the) s c-med.300 @sf 
46 2715 p (.rhosts) s t-rom.300 @sf 9 r (mechanism) s t-bol.300 @sf 1012 96 p (1.4.3) s 42 r (What) s 15 r (it) s 15 r (attacked) s cmsy10.300 @sf 1054 174 p 15 c t-rom.300 @sf 20 r (SUNs) s 11 r (and) s 10 r 86 c -4 r (AXes) s 10 r (only) s cmsy10.300 @sf 1054 224 p 15 c t-rom.300 @sf 20 r (machines) s 12 r (in) s c-med.300 @sf 9 r (/etc/hosts.equiv) s cmsy10.300 @sf 1054 273 p 15 c t-rom.300 @sf 20 r (machines) s 12 r (in) s c-med.300 @sf 9 r (/.rhosts) s cmsy10.300 @sf 1054 323 p 15 c t-rom.300 @sf 20 r (machines) s 12 r (in) s 9 r (cracked) s 12 r (accounts') s c-med.300 @sf 10 r (.forward) s 10 r t-rom.300 @sf 174 c (les) s cmsy10.300 @sf 1054 373 p 15 c t-rom.300 @sf 20 r (machines) s 12 r (in) s 9 r (cracked) s 12 r (accounts') s c-med.300 @sf 10 r (.rhosts) s 10 r t-rom.300 @sf 174 c (les) s cmsy10.300 @sf 1054 423 p 15 c t-rom.300 @sf 20 r (machines) s 11 r (listed) s 10 r (as) s 10 r (network) s 9 r (gateways) s 11 r (in) s 10 r (routing) s 8 r (tables) s cmsy10.300 @sf 1054 473 p 15 c t-rom.300 @sf 20 r (machines) s 12 r (at) s 10 r (the) s 10 r (far) s 11 r (end) s 10 r (of) s 10 r (point-to) s -1 r (-poi) s -1 r (nt) s 8 r (interfaces) s cmsy10.300 @sf 1054 523 p 15 c t-rom.300 @sf 20 r (possibly) s 12 r (machines) s 13 r (at) s 12 r (randomly) s 12 r (guessed) s 13 r (addresses) s 14 r (on) s 1095 572 p (networks) s 10 r (of) s 10 r 174 c (rst) s 10 r (hop) s 10 r (gateways) s t-bol.300 @sf 1012 683 p (1.4.4) s 42 r (What) s 15 r (it) s 15 r (did) s 16 r (NOT) s 16 r (do) s cmsy10.300 @sf 1054 761 p 15 c t-rom.300 @sf 20 r (gain) s 18 r (privileged) s 17 r (access) s 20 r (\(it) s 17 r (almost) s 18 r (never) s 18 r (broke) s 17 r (in) s 18 r (as) s c-med.300 @sf 1095 811 p (root) s t-rom.300 @sf 41 c cmsy10.300 @sf 1054 860 p 15 c t-rom.300 @sf 20 r (destroy) s 10 r (or) s 10 r (attempt) s 10 r (to) s 10 r (destroy) s 9 r (any) s 11 r (data) s cmsy10.300 @sf 1054 910 p 15 c t-rom.300 @sf 20 r (leave) s 11 r (time) s 11 r (bombs) s 10 r (behind) s 
cmsy10.300 @sf 1054 960 p 15 c t-rom.300 @sf 20 r (dif) s (ferentiate) s 26 r (among) s 27 r (networks) s 26 r (\(such) s 28 r (as) s 27 r (MILNET) s -2 r 44 c 1095 1010 p (ARP) s -3 r (ANET\)) s cmsy10.300 @sf 1054 1060 p 15 c t-rom.300 @sf 20 r (use) s 11 r (UUCP) s 10 r (at) s 11 r (all) s cmsy10.300 @sf 1054 1109 p 15 c t-rom.300 @sf 20 r (attack) s 8 r (speci) s 174 c 99 c 8 r (well-known) s 5 r (or) s 7 r (privileged) s 6 r (accounts) s 7 r (such) s 1095 1159 p (as) s c-med.300 @sf 11 r (root) s t-bol.420 @sf 1012 1300 p 50 c 59 r (Strategies) s t-bol.360 @sf 1012 1401 p (2.1) s 51 r (Attacks) s t-rom.300 @sf 1012 1478 p (This) s 9 r (virus) s 7 r (attacked) s 8 r (several) s 9 r (things,) s 8 r (directly) s 7 r (and) s 8 r (indirectly) s -2 r 46 c 11 r (It) s 1012 1528 p (picked) s 8 r (out) s 8 r (some) s 8 r (deliberate) s 8 r (tar) s (gets,) s 8 r (such) s 9 r (as) s 8 r (speci) s 174 c 99 c 9 r (network) s 1012 1578 p (daemons) s 16 r (through) s 12 r (which) s 14 r (to) s 14 r (infect) s 14 r (the) s 14 r (remote) s 15 r (host.) s 26 r (There) s 1012 1628 p (were) s 15 r (also) s 13 r (less) s 14 r (direct) s 14 r (tar) s (gets,) s 13 r (such) s 14 r (as) s 14 r (mail) s 14 r (service) s 14 r (and) s 14 r (the) s 1012 1678 p 175 c (ow) s 11 r (of) s 10 r (information) s 8 r (about) s 10 r (the) s 10 r (virus.) s t-bol.300 @sf 1012 1788 p (2.1.1) s 42 r (Sendmail) s 15 r (Debug) s 16 r (Mode) s t-rom.300 @sf 1012 1866 p (The) s 14 r (virus) s 11 r (exploited) s 12 r (the) s 12 r 96 c -2 r (`debug') s -3 r 39 c 10 r (function) s 12 r (of) s c-med.300 @sf 12 r (sendmail) s t-rom.300 @sf 44 c 1012 1916 p (which) s 10 r (enables) s 11 r (debugging) s 8 r (mode) s 11 r (for) s 9 r (the) s 10 r (duration) s 9 r (of) s 10 r (the) s 10 r (cur-) s 1012 1966 p (rent) s 14 r (connection.) 
s 23 r (Debugging) s 12 r (mode) s 13 r (has) s 14 r (many) s 14 r (features,) s 15 r (in-) s 1012 2016 p (cluding) s 11 r (the) s 12 r (ability) s 10 r (to) s 11 r (send) s 12 r 97 c 12 r (mail) s 12 r (message) s 14 r (with) s 10 r 97 c 13 r (program) s 1012 2065 p (as) s 12 r (the) s 11 r (recipient) s 11 r (\(i.e.) s 17 r (the) s 11 r (program) s 11 r (would) s 10 r (run,) s 11 r (with) s 11 r (all) s 10 r (of) s 11 r (its) s 1012 2115 p (input) s 10 r (coming) s 10 r (from) s 11 r (the) s 10 r (body) s 10 r (of) s 11 r (the) s 11 r (message\).) s 17 r (This) s 11 r (is) s 10 r (inap-) s 1012 2165 p (propriate) s 10 r (and) s 11 r (rumor[) s 49 c -1 r 49 c -2 r 93 c 10 r (has) s 11 r (it) s 10 r (that) s 10 r (the) s 10 r (author) s 10 r (included) s 9 r (this) s 1012 2215 p (feature) s 14 r (to) s 13 r (allow) s 12 r (him) s 13 r (to) s 13 r (circumvent) s 13 r (security) s 12 r (on) s 13 r 97 c 14 r (machine) s 1012 2265 p (he) s 13 r (was) s 12 r (using) s 12 r (for) s 11 r (testing.) s 18 r (It) s 12 r (certainly) s 11 r (exceeds) s 14 r (the) s 11 r (intended) s 1012 2314 p (design) s 10 r (of) s 10 r (the) s 10 r (Simple) s 10 r (Mail) s 10 r 84 c (ransfer) s 10 r (Protocol) s 9 r (\(SMTP\)) s 10 r 91 c (12) s -1 r (].) s 1054 2364 p (Speci) s 174 c (cation) s 14 r (of) s 13 r 97 c 15 r (program) s 14 r (to) s 13 r (execute) s 15 r (when) s 14 r (mail) s 14 r (is) s 13 r (re-) s 1012 2414 p (ceived) s 15 r (is) s 13 r (normally) s 13 r (allowed) s 14 r (in) s 13 r (the) s c-med.300 @sf 14 r (sendmail) s t-rom.300 @sf 13 r (aliases) s 14 r 174 c (le) s 1012 2464 p (or) s 11 r (users') s c-med.300 @sf 11 r (.forward) s 10 r t-rom.300 @sf 174 c (les) s 11 r (directly) s -2 r 44 c 10 r (for) s c-med.300 @sf 10 r (vacation) s cmr7.300 @sf 1874 2450 p 50 c t-rom.300 @sf 1892 2464 p 44 c 12 r (mail) s 1012 2514 p (archive) s 13 r (programs,) s 12 r (and) s 12 r (personal) s 12 r (mail) s 12 r (sorters.) 
s 18 r (It) s 12 r (is) s t-ita.300 @sf 11 r (not) s t-rom.300 @sf 11 r (nor-) s 1012 2564 p (mally) s 12 r (allowed) s 12 r (for) s 12 r (incoming) s 11 r (connections.) s 19 r (In) s 12 r (the) s 12 r (virus,) s 12 r (the) s 1012 2600 p 390 2 ru cmr6.300 @sf 1055 2627 p 50 c t-rom.240 @sf 1072 2638 p 65 c 10 r (program) s 8 r (which) s 9 r (accepts) s 8 r (incoming) s 8 r (mail) s 10 r (and) s 8 r (sends) s 9 r (back) s 8 r (mail) s 9 r (to) s 10 r (the) s 1012 2678 p (original) s 7 r (sender) s 44 c 5 r (usually) s 7 r (saying) s 6 r (something) s 6 r (like) s 7 r 96 c -1 r (`I) s 6 r (am) s 7 r (on) s 7 r (vacation,) s 6 r (and) s 7 r (will) s 1012 2717 p (not) s 8 r (read) s 8 r (your) s 7 r (mail) s 8 r (until) s 8 r 73 c 9 r (return.') s -1 r 39 c t-rom.300 @sf 965 2842 p 51 c @eop 4 @bop0 cmr7.300 @sf [<1FC03FF07078F838F83CF83C703C003800700FC00FC000F0007038787878787838703FE00FC0> 14 19 -1 0 17] 51 @dc cmr6.300 @sf [<3F007F80E1C0E1E041E001E001C003C00F000F80038023C073C073C03F801F00> 11 16 -1 0 15] 51 @dc 4 @bop1 t-rom.300 @sf -36 96 p 96 c -2 r (`r) s -1 r (ecipient) s -1 r 39 c -3 r 39 c 12 r (was) s 15 r 97 c 15 r (command) s 15 r (to) s 13 r (strip) s 14 r (of) s 102 c 13 r (the) s 14 r (mail) s 14 r (headers) s -36 146 p (and) s 12 r (pass) s 15 r (the) s 13 r (remainder) s 14 r (of) s 14 r (the) s 13 r (message) s 16 r (to) s 13 r 97 c 14 r (command) s 14 r (in-) s -36 196 p (terpreter) s -2 r 46 c 16 r (The) s 13 r (body) s 10 r (was) s 13 r 97 c 12 r (script) s 11 r (that) s 11 r (created) s 13 r 97 c 12 r 67 c 11 r (program,) s -36 246 p (the) s 6 r 96 c -2 r (`grappli) s -1 r (ng) s 6 r (hook,') s -2 r 39 c 6 r (which) s 7 r (transfered) s 8 r (the) s 8 r (rest) s 8 r (of) s 7 r (the) s 8 r (mod-) s -36 295 p (ules) s 11 r (from) s 13 r (the) s 12 r (originiati) s -1 r (ng) s 11 r (host,) s 13 r (and) s 13 r (the) s 12 r (commands) s 14 r (to) s 12 r (link) s -36 345 p (and) s 9 r (execute) s 11 r (them.) 
s 15 r (Both) s 9 r 86 c -4 r (AX) s 9 r (and) s 11 r (Sun) s 10 r (binaries) s 10 r (were) s 11 r (trans-) s -36 395 p (fered) s 11 r (and) s 12 r (both) s 10 r (would) s 11 r (be) s 12 r (tried) s 11 r (in) s 12 r (turn,) s 11 r (no) s 12 r (attempt) s 11 r (to) s 12 r (deter-) s -36 445 p (mine) s 12 r (the) s 13 r (machine) s 14 r (type) s 13 r (was) s 14 r (made.) s 24 r (On) s 13 r (other) s 12 r (architectures) s -36 495 p (the) s 8 r (programs) s 9 r (would) s 8 r (not) s 8 r (run,) s 9 r (but) s 8 r (would) s 9 r (use) s 9 r (resources) s 10 r (in) s 9 r (the) s -36 544 p (lin) s -1 r (kin) s -1 r 103 c 7 r (process.) s 14 r (All) s 7 r (other) s 8 r (attacks) s 9 r (used) s 9 r (the) s 8 r (same) s 10 r 96 c -2 r (`grappl) s -1 r (ing) s -36 594 p (hook') s -4 r 39 c 7 r (mechanism,) s 10 r (but) s 8 r (used) s 9 r (other) s 8 r 175 c (aws) s 9 r (to) s 8 r (inject) s 8 r (the) s 8 r 96 c -2 r (`grap-) s -36 644 p (pli) s -1 r (ng) s 8 r (hook') s -2 r 39 c 8 r (into) s 9 r (the) s 10 r (tar) s (get) s 9 r (machine.) s 4 694 p (The) s 11 r (fact) s 10 r (that) s 9 r (debug) s 9 r (was) s 11 r (enabled) s 10 r (by) s 9 r (default) s 10 r (was) s 10 r (reported) s -36 744 p (to) s 9 r (Berkeley) s 12 r (by) s 11 r (several) s 12 r (sources) s 12 r (during) s 10 r (the) s 11 r (4.2BSD) s 11 r (release.) s -36 794 p (The) s 13 r (4.3BSD) s 14 r (release) s 16 r (as) s 15 r (well) s 14 r (as) s 15 r (Sun) s 14 r (releases) s 16 r (still) s 12 r (had) s 14 r (this) s -36 844 p (opti) s -1 r (on) s 8 r (enabled) s 11 r (by) s 10 r (default) s 10 r 91 c (13) s -1 r (].) 
s 15 r (The) s 12 r (then) s 10 r (current) s 10 r (release) s 12 r (of) s -36 894 p (Ultr) s -1 r (ix) s 10 r (did) s 12 r (not) s 12 r (have) s 13 r (debug) s 12 r (mode) s 13 r (enabled,) s 14 r (but) s 12 r (the) s 12 r (beta) s 13 r (test) s -36 943 p (version) s 13 r (of) s 15 r (the) s 15 r (newest) s 16 r (release) s 16 r (did) s 15 r (have) s 15 r (debug) s 15 r (enabled) s 16 r (\(it) s -36 993 p (was) s 11 r (disabled) s 12 r (before) s 12 r 174 c (nally) s 12 r (being) s 11 r (shipped\).) s 19 r (MIT') s -1 r 115 c 11 r (Project) s -36 1043 p (Athena) s 14 r (was) s 16 r (among) s 15 r 97 c 16 r (number) s 15 r (of) s 15 r (sites) s 15 r (which) s 15 r (went) s 15 r (out) s 15 r (of) s -36 1093 p (its) s 9 r (way) s 11 r (to) s 10 r (disable) s 11 r (debug) s 10 r (mode;) s 11 r (however) s -1 r 44 c 11 r (it) s 10 r (is) s 11 r (unlikely) s 9 r (that) s -36 1143 p (many) s 9 r (binary-only) s 8 r (sites) s 10 r (were) s 11 r (able) s 11 r (to) s 10 r (be) s 10 r (as) s 11 r (diligent.) s t-bol.300 @sf -36 1256 p (2.1.2) s 40 r (Finger) s 17 r (Daemon) s 15 r (Bug) s t-rom.300 @sf -36 1334 p (The) s 12 r (virus) s 11 r (hit) s 11 r (the) s 12 r 174 c (nger) s 13 r (daemon) s 13 r 40 c c-med.300 @sf (fingerd) s t-rom.300 @sf 41 c 11 r (by) s 12 r (over) s 175 c (ow-) s -36 1384 p (ing) s 11 r 97 c 14 r (buf) s (fer) s 13 r (which) s 13 r (was) s 14 r (allocated) s 14 r (on) s 13 r (the) s 13 r (stack.) s 25 r (The) s 14 r (over-) s -36 1434 p 175 c (ow) s 11 r (was) s 13 r (possible) s 12 r (because) s c-med.300 @sf 14 r (fingerd) s t-rom.300 @sf 12 r (used) s 13 r 97 c 13 r (library) s 12 r (func-) s -36 1484 p (tio) s -1 r 110 c 8 r (which) s 9 r (did) s 9 r (not) s 8 r (do) s 10 r (range) s 9 r (checking.) 
s 14 r (Since) s 10 r (the) s 10 r (buf) s (fer) s 8 r (was) s -36 1533 p (on) s 13 r (the) s 15 r (stack,) s 17 r (the) s 15 r (over) s 175 c (ow) s 15 r (allowed) s 14 r 97 c 16 r (fake) s 16 r (stack) s 15 r (frame) s 16 r (to) s -36 1583 p (be) s 11 r (created,) s 15 r (which) s 12 r (caused) s 13 r 97 c 13 r (small) s 13 r (piece) s 13 r (of) s 12 r (code) s 13 r (to) s 12 r (be) s 13 r (exe-) s -36 1633 p (cuted) s 10 r (when) s 11 r (the) s 12 r (procedure) s 11 r (returned) s cmr7.300 @sf 555 1619 p 51 c t-rom.300 @sf 573 1633 p 46 c 18 r (The) s 12 r (library) s 10 r (function) s -36 1683 p (in) s 12 r (question) s 12 r (turns) s 13 r (out) s 13 r (to) s 13 r (be) s 14 r 97 c 14 r (backward-compatibility) s 11 r (rou-) s -36 1733 p (tin) s -1 r (e,) s 10 r (which) s 9 r (should) s 9 r (not) s 10 r (have) s 11 r (been) s 10 r (needed) s 11 r (after) s 11 r (1979) s 9 r 91 c (14) s -1 r (].) s 4 1783 p (Only) s 16 r (4.3BSD) s 17 r 86 c -4 r (AX) s 16 r (machines) s 18 r (were) s 18 r (attacked) s 17 r (this) s 17 r (way) s -2 r 46 c -36 1833 p (The) s 14 r (virus) s 14 r (did) s 14 r (not) s 14 r (attempt) s 14 r 97 c 16 r (Sun) s 14 r (speci) s 174 c 99 c 16 r (attack) s 15 r (on) s 15 r 174 c (nger) s -36 1883 p (and) s 13 r (its) s 14 r 86 c -4 r (AX) s 13 r (attack) s 14 r (failed) s 15 r (when) s 14 r (invoked) s 13 r (on) s 14 r 97 c 15 r (Sun) s 14 r (tar) s (get.) 
s -36 1932 p (Ultr) s -1 r (ix) s 9 r (was) s 13 r (not) s 11 r (vulnerable) s 11 r (to) s 11 r (this) s 10 r (since) s 12 r (production) s 10 r (releases) s -36 1982 p (did) s 8 r (not) s 9 r (include) s 10 r 97 c c-med.300 @sf 11 r (fingerd) s t-rom.300 @sf 46 c t-bol.300 @sf -36 2095 p (2.1.3) s 40 r (Rexec) s 17 r (and) s 16 r (Passwords) s t-rom.300 @sf -36 2174 p (The) s 16 r (virus) s 17 r (attacked) s 18 r (using) s 16 r (the) s 17 r (Berkeley) s 17 r (remote) s 18 r (execution) s -36 2224 p (prot) s -1 r (ocol,) s 9 r (which) s 10 r (required) s 10 r (the) s 11 r (user) s 11 r (name) s 11 r (and) s 11 r (plaintext) s 9 r (pass-) s -36 2273 p (word) s 5 r (to) s 7 r (be) s 7 r (passed) s 8 r (over) s 7 r (the) s 7 r (net.) s 13 r (The) s 8 r (program) s 7 r (only) s 6 r (used) s 8 r (pairs) s -36 2323 p (of) s 12 r (user) s 15 r (names) s 15 r (and) s 14 r (passwords) s 15 r (which) s 14 r (it) s 13 r (had) s 14 r (already) s 15 r (tested) s -36 2373 p (and) s 7 r (found) s 7 r (to) s 7 r (be) s 9 r (correct) s 8 r (on) s 8 r (the) s 8 r (local) s 8 r (host.) s 13 r 65 c 8 r (common,) s 10 r (world) s -36 2423 p (readable) s 7 r 174 c (le) s 7 r 40 c c-med.300 @sf (/etc/passwd) s t-rom.300 @sf 41 c 7 r (that) s 6 r (contains) s 7 r (the) s 8 r (user) s 7 r (names) s -36 2473 p (and) s 11 r (encrypted) s 13 r (passwords) s 12 r (for) s 13 r (every) s 13 r (user) s 12 r (on) s 13 r (the) s 12 r (system) s 13 r (fa-) s -36 2523 p (cilit) s -1 r (ated) s 9 r (this) s 9 r (search.) 
s 15 r (Speci) s 174 c (cally:) s -36 2560 p 390 2 ru cmr6.300 @sf 5 2588 p 51 c t-rom.240 @sf 22 2599 p (MIT') s -1 r 115 c 5 r (Project) s 7 r (Athena) s 5 r (has) s 5 r 97 c 6 r 96 c -1 r (`write') s -1 r 39 c 4 r (daemon) s 4 r (which) s 6 r (has) s 5 r 97 c 6 r (similar) s 6 r (piece) s -36 2638 p (of) s 7 r (code) s 5 r (with) s 7 r (the) s 8 r (same) s 6 r 175 c (aw) s 8 r (but) s 7 r (it) s 8 r (explicitly) s 7 r (exits) s 7 r (rather) s 7 r (than) s 7 r (returning,) s 7 r (and) s -36 2678 p (thus) s 6 r (never) s 7 r (uses) s 8 r (the) s 8 r (\(damaged\)) s 6 r (return) s 8 r (stack.) s 11 r 65 c 8 r (comment) s 7 r (in) s 8 r (the) s 8 r (code) s 7 r (notes) s -36 2717 p (that) s 7 r (it) s 8 r (is) s 9 r (mostly) s 8 r (copied) s 6 r (from) s 8 r (the) s 8 r 174 c (nger) s 8 r (daemon.) s cmsy10.300 @sf 1054 96 p 15 c t-rom.300 @sf 20 r (this) s 10 r 174 c (le) s 10 r (was) s 10 r (an) s 11 r (easy-to-obtain) s 8 r (list) s 9 r (of) s 10 r (user) s 10 r (names) s 11 r (to) s 10 r (at-) s 1095 146 p (tack,) s cmsy10.300 @sf 1054 196 p 15 c t-rom.300 @sf 20 r (the) s 12 r (dictionary) s 10 r (attack) s 12 r (was) s 12 r 97 c 13 r (method) s 11 r (of) s 11 r (verifying) s 10 r (pass-) s 1095 246 p (word) s 16 r (guesses) s 16 r (which) s 15 r (would) s 15 r (not) s 15 r (be) s 16 r (noted) s 15 r (in) s 15 r (security) s 1095 295 p (logs.) s 1012 348 p (The) s 16 r (principle) s 13 r (of) s 14 r 96 c -2 r (`least) s 14 r (privilege') s -3 r 39 c 13 r 91 c (15) s -1 r 93 c 15 r (is) s 14 r (violated) s 13 r (by) s 15 r (the) s 1012 398 p (existence) s 13 r (of) s 12 r (this) s 11 r (password) s 12 r 174 c (le.) 
s 20 r 84 c -2 r (ypical) s 11 r (programs) s 12 r (have) s 13 r (no) s 1012 448 p (need) s 13 r (for) s 12 r 97 c 12 r (list) s 11 r (of) s 12 r (user) s 12 r (names) s 14 r (and) s 12 r (password) s 12 r (strings,) s 11 r (so) s 12 r (this) s 1012 498 p (privileged) s 8 r (information) s 6 r (should) s 8 r (not) s 8 r (be) s 8 r (available) s 9 r (to) s 8 r (them.) s 14 r (For) s 1012 548 p (example,) s 14 r (Project) s 12 r (Athena') s -1 r 115 c 11 r (network) s 11 r (authentication) s 11 r (system,) s t-ita.300 @sf 1012 597 p (Kerber) s -1 r (os) s t-rom.300 @sf 13 r 91 c (16) s -1 r (],) s 13 r (keeps) s 13 r (passwords) s 12 r (on) s 12 r 97 c 13 r (central) s 12 r (server) s 13 r (which) s 1012 647 p (logs) s 16 r (authentication) s 14 r (requests,) s 18 r (thus) s 15 r (hiding) s 14 r (the) s 16 r (list) s 15 r (of) s 15 r (valid) s 1012 697 p (user) s 14 r (names.) s 24 r (However) s -1 r 44 c 14 r (once) s 14 r 97 c 14 r (name) s 14 r (is) s 13 r (found,) s 14 r (the) s 13 r (authen-) s 1012 747 p (tication) s 9 r 96 c -2 r (`ticket') s -3 r 39 c 8 r (is) s 10 r (still) s 9 r (vulnerable) s 9 r (to) s 10 r (dictionary) s 9 r (attack.) s t-bol.300 @sf 1012 875 p (2.1.4) s 42 r (Rsh) s 16 r (and) s 16 r 84 c -2 r (rust) s t-rom.300 @sf 1012 958 p (The) s 14 r (virus) s 11 r (attempted) s 12 r (to) s 12 r (use) s 13 r (the) s 12 r (Berkeley) s 13 r (remote) s 12 r (shell) s 12 r (pro-) s 1012 1008 p (gram) s 13 r (\(called) s c-med.300 @sf 12 r (rsh) s t-rom.300 @sf 41 c 12 r (to) s 11 r (attack) s 13 r (other) s 11 r (machines) s 13 r (without) s 11 r (using) s 1012 1058 p (passwords.) 
s 25 r (The) s 14 r (remote) s 14 r (shell) s 13 r (utility) s 11 r (is) s 14 r (similar) s 13 r (in) s 13 r (function) s 1012 1108 p (to) s 11 r (the) s 11 r (remote) s 11 r (execution) s 10 r (system,) s 12 r (although) s 9 r (it) s 11 r (is) s 10 r 96 c -2 r (`friendli) s -1 r (er) s 2 r 39 c -3 r 39 c 1012 1158 p (since) s 10 r (the) s 10 r (remote) s 10 r (end) s 9 r (of) s 10 r (the) s 9 r (connection) s 9 r (is) s 9 r 97 c 10 r (command) s 11 r (inter-) s 1012 1207 p (preter) s -1 r 44 c 10 r (instead) s 10 r (of) s 10 r (the) s t-ita.300 @sf 11 r (exec) s t-rom.300 @sf 12 r (function.) s 12 r (For) s 10 r (convenience,) s 12 r 97 c 10 r 174 c (le) s c-med.300 @sf 1012 1257 p (/etc/hosts.equiv) s t-rom.300 @sf 12 r (can) s 15 r (contain) s 12 r 97 c 14 r (list) s 13 r (of) s 13 r (hosts) s 12 r (trusted) s 1012 1307 p (by) s 11 r (this) s 10 r (host.) s 15 r (The) s c-med.300 @sf 11 r (.rhosts) s 10 r t-rom.300 @sf 174 c (le) s 11 r (provides) s 10 r (similar) s 10 r (function-) s 1012 1357 p (ality) s 9 r (on) s 10 r 97 c 11 r (per) s (-user) s 9 r (basis.) 
s 14 r (The) s 11 r (remote) s 10 r (host) s 9 r (can) s 11 r (pass) s 10 r (the) s 10 r (user) s 1012 1407 p (name) s 15 r (from) s 14 r 97 c 15 r (trusted) s 13 r (port) s 13 r (\(one) s 13 r (which) s 14 r (can) s 15 r (only) s 12 r (be) s 15 r (opened) s 1012 1456 p (by) s c-med.300 @sf 10 r (root) s t-rom.300 @sf 41 c 10 r (and) s 10 r (the) s 10 r (local) s 9 r (host) s 10 r (will) s 8 r (trust) s 9 r (that) s 10 r (as) s 10 r (proof) s 9 r (that) s 10 r (the) s 1012 1506 p (connection) s 10 r (is) s 10 r (being) s 10 r (made) s 11 r (for) s 10 r (the) s 10 r (named) s 11 r (user) s -1 r 46 c 1054 1559 p (This) s 12 r (system) s 12 r (has) s 13 r (an) s 12 r (important) s 11 r (design) s 11 r 175 c (aw) s -2 r 44 c 13 r (which) s 11 r (is) s 12 r (that) s 1012 1609 p (the) s 14 r (local) s 14 r (host) s 13 r (only) s 13 r (knows) s 13 r (the) s 14 r (remote) s 14 r (host) s 14 r (by) s 13 r (its) s 13 r (network) s 1012 1659 p (address,) s 15 r (which) s 13 r (can) s 14 r (often) s 12 r (be) s 13 r (for) s (ged.) s 21 r (It) s 13 r (also) s 13 r (trusts) s 12 r (the) s 13 r (ma-) s 1012 1709 p (chine,) s 13 r (rather) s 12 r (than) s 11 r (any) s 12 r (property) s 10 r (of) s 12 r (the) s 11 r (user) s -1 r 44 c 12 r (leaving) s 11 r (the) s 12 r (ac-) s 1012 1758 p (count) s 12 r (open) s 11 r (to) s 11 r (attack) s 13 r (at) s 11 r (all) s 12 r (times) s 12 r (rather) s 11 r (than) s 12 r (when) s 12 r (the) s 11 r (user) s 1012 1808 p (is) s 11 r (present) s 11 r 91 c (16) s (].) s 16 r (The) s 12 r (virus) s 10 r (took) s 10 r (advantage) s 11 r (of) s 11 r (the) s 11 r (latter) s 10 r 175 c (aw) s 1012 1858 p (to) s 11 r (propagate) s 11 r (between) s 11 r (accounts) s 12 r (on) s 11 r (trusted) s 10 r (machines.) 
s 18 r (Least) s 1012 1908 p (privilege) s 14 r (would) s 13 r (also) s 15 r (indicate) s 14 r (that) s 14 r (the) s 15 r (lists) s 14 r (of) s 14 r (trusted) s 14 r (ma-) s 1012 1958 p (chines) s 13 r (be) s 12 r (only) s 11 r (accessible) s 14 r (to) s 11 r (the) s 12 r (daemons) s 13 r (who) s 11 r (need) s 13 r (to) s 11 r (de-) s 1012 2007 p (cide) s 11 r (to) s 10 r (whether) s 10 r (or) s 10 r (not) s 9 r (to) s 10 r (grant) s 9 r (access) s 1 r 46 c t-bol.300 @sf 1012 2135 p (2.1.5) s 42 r (Information) s 15 r (Flow) s t-rom.300 @sf 1012 2219 p (When) s 16 r (it) s 14 r (became) s 17 r (clear) s 15 r (that) s 15 r (the) s 15 r (virus) s 14 r (was) s 15 r (propagating) s 14 r (via) s c-med.300 @sf 1012 2269 p (sendmail) s t-rom.300 @sf 44 c 13 r (the) s 11 r 174 c (rst) s 12 r (reaction) s 12 r (of) s 11 r (many) s 12 r (sites) s 12 r (was) s 13 r (to) s 11 r (cut) s 12 r (of) s 102 c 1012 2319 p (mail) s 10 r (service.) s 15 r (This) s 10 r (turned) s 9 r (out) s 10 r (to) s 9 r (be) s 11 r 97 c t-ita.300 @sf 10 r (serious) s t-rom.300 @sf 10 r (mistake,) s 11 r (since) s 1012 2368 p (it) s 9 r (cut) s 10 r (of) s 102 c 9 r (the) s 9 r (information) s 8 r (needed) s 11 r (to) s 9 r 174 c 120 c 10 r (the) s 9 r (problem.) s 14 r (Mailer) s 1012 2418 p (programs) s 12 r (on) s 10 r (major) s 12 r (forwarding) s 9 r (nodes,) s 12 r (such) s 12 r (as) s t-ita.300 @sf 12 r 114 c -1 r (elay) s -1 r (.cs.net) s t-rom.300 @sf 44 c 1012 2468 p (were) s 10 r (shut) s 8 r (down) s 8 r (delaying) s 8 r (some) s 10 r (critical) s 8 r (messages) s 11 r (by) s 8 r (as) s 10 r (long) s 1012 2518 p (as) s 18 r (twenty) s 15 r (hours.) 
Since the virus had alternate infection channels (rexec and finger), this made the isolated machine a safe haven for the virus, as well as cutting off information from machines further "downstream" (thus placing them in greater danger) since no information about the virus could reach them by mail⁴. Thus, by attacking sendmail, the virus indirectly attacked the flow of information that was the only real defense against its spread.

2.2 Self Protection

The virus used a number of techniques to evade detection.
It attempted both to cover its tracks and to blend into the normal UNIX environment using camouflage. These techniques had varying degrees of effectiveness.

2.2.1 Covering Tracks

The program did a number of things to cover its trail. It erased its argument list, once it had finished processing the arguments, so that the process status command would not show how it was invoked.

It also deleted the executing binary, which would leave the data intact but unnamed, and only referenced by the execution of the program. If the machine were rebooted while the virus was actually running, the file system salvager would recover the file after the reboot. Otherwise the program would vanish after exiting.

The program also used resource limit functions to prevent a core dump. Thus, it prevented any bugs in the program from leaving tell-tale traces behind.

2.2.2 Camouflage

It was compiled under the name sh, the same name used by the Bourne Shell, a command interpreter which is often used in shell scripts and automatic commands. Even a diligent system manager would probably not notice a large number of shells running for short periods of time.

The virus forked, splitting into a parent and child, approximately every three minutes. The parent would then exit, leaving the child to continue from the exact same place.
This had the effect of "refreshing" the process, since the new fork started off with no resources used, such as CPU time or memory usage. It also kept each run of the virus short, making the virus more difficult to seize, even when it had been noticed.

All the constant strings used by the program were obscured by XOR'ing each character with the constant 81₁₆. This meant that one could not simply look at the binary to determine what constants the virus referred to (e.g. what files it opened). But it was a weak method of hiding the strings; it delayed efforts to understand the virus, but not for very long.
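
Why the XOR obscuring described above delays an analyst only briefly, shown as an added example that is not part of the original paper or of the virus code. The function names and the sample blob are constructed for illustration; the crib search for an unknown key goes beyond the single constant the text mentions.

```python
"""Recover strings hidden by a single-byte XOR (forensic triage sketch)."""
import string

# Bytes an analyst expects in file names, commands and messages.
PRINTABLE_BYTES = frozenset(
    (string.ascii_letters + string.digits + string.punctuation + " ").encode("ascii")
)


def xor_bytes(data: bytes, key: int) -> bytes:
    """XOR every byte with the same one-byte key (encoding equals decoding)."""
    return bytes(b ^ key for b in data)


def printable_runs(data: bytes, min_len: int = 4):
    """Return (offset, text) for each maximal printable run, like strings(1)."""
    runs, start = [], None
    # The trailing NUL is a sentinel that flushes a run ending at end of data.
    for i, b in enumerate(data + b"\x00"):
        if b in PRINTABLE_BYTES:
            if start is None:
                start = i
        else:
            if start is not None and i - start >= min_len:
                runs.append((start, data[start:i].decode("ascii")))
            start = None
    return runs


def recover_xor_strings(data: bytes, key: int = 0x81, min_len: int = 4):
    """Undo the XOR, then extract strings from the result."""
    return printable_runs(xor_bytes(data, key), min_len)


def keys_matching_crib(data: bytes, crib: bytes):
    """Unknown key: try all 256 and keep those under which an expected
    fragment (the crib) appears somewhere in the data."""
    return [k for k in range(256) if xor_bytes(crib, k) in data]


def build_sample(key: int = 0x81) -> bytes:
    """Constructed stand-in for a data segment; none of it is from the virus."""
    filler = bytes([0x00, 0x80] * 8)  # not printable under any one-byte key
    hidden = [b"/var/log/constructed-example", b"constructed sample message"]
    blob = filler
    for s in hidden:
        blob += xor_bytes(s, key) + b"\x00" + filler
    return blob


SAMPLE = build_sample()

if __name__ == "__main__":
    # Key 0x81 sets the high bit of every ASCII character, so a plain
    # strings-style scan of the raw bytes reports nothing.
    print("plain scan:", printable_runs(SAMPLE))
    for offset, text in recover_xor_strings(SAMPLE):
        print(f"0x{offset:04x}  {text}")
    print("keys matching crib:",
          [hex(k) for k in keys_matching_crib(SAMPLE, b"/var/log/")])
```

With the key known, recovery is one pass over the file; with it unknown, a single expected path fragment is enough to pin it down.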

⁴ USENET news [17] was an effective side-channel of information spread, although a number of sites disabled that as well.

2.3 Flaws

The virus also had a number of flaws, ranging from the subtle to the clumsy. One of the later messages from Berkeley posted fixes for some of the more obvious ones, as a humorous gesture.

2.3.1 Reinfection prevention

The code for preventing reinfection of an actively infected machine harbored some major flaws. These flaws turned out to be critical to the ultimate "failure" of the virus, as reinfection drove up the load of many machines, causing it to be noticed and thus counterattacked.

The code had several timing flaws which made it unlikely to work. While written in a "paranoid" manner, using weak authentication (exchanging "magic" numbers) to determine whether the other end of the connection is indeed a copy of the virus, these routines would often exit with errors (and thus not attempt to quit) if:

• several viruses infected a clean machine at once, in which case all of them would look for listeners; none of them would find any; all of them would attempt to become listeners; one would succeed; the others would fail, give up, and thus be invulnerable to future checking attempts.
• several viruses starting at once, in the presence of a running virus.
  If the first one "wins the coin toss" with the listening virus, other new-starting ones will have contacted the losing one and have the connection closed upon them, permitting them to continue.
• a machine is slow or heavily loaded, which could cause the virus to exceed the timeouts imposed on the exchange of numbers, especially if the compiler was running (possibly multiple times) due to a new infection; note that this is exacerbated by a busy machine (which slows down further) on a moderately sized network.

Note that "at once" means "within a 5-20 second window" in most cases, and is sometimes looser.

A critical weakness in the interlocking code is that even when it does decide to quit, all it does is set the variable pleasequit. This variable does not have an effect until the virus has gone through

• collecting the entire list of host names to attack
• collecting the entire list of user names to attack
• trying to attack all of the "obvious" permutation passwords (see Section A.4.3)
• trying ten words selected at random from the internal dictionary (see Appendix B) against all of the user names

Since the virus was careful to clean up temporary files, its presence alone didn't interfere with reinfection.

Also, a multiply infected machine would spread the virus faster, perhaps proportionally to the number of infections it was harboring, since

• the program scrambles the lists of hosts and users it attacks; since the random number generator is seeded with the current time, the separate instances are likely to hit separate targets.
• the program tries to spend a large amount of time sleeping and listening for other infection attempts (which never report themselves) so that the processes would share the resources of the machine fairly well.

Thus, the virus spread much more quickly than the perpetrator expected, and was noticed for that very reason. The MIT Media Lab, for example, cut themselves completely off from the network because the computer resources absorbed by the virus were detracting from work in progress, while the lack of network service was a minor problem.

2.3.2 Heuristics

One attempt to make the program not waste time on non-UNIX systems was to sometimes try to open a telnet or rsh connection to a host before trying to attack it and skipping that host if it refused the connection. If the host refused telnet or rsh connections, it was likely to refuse other attacks as well.
There were several problems with this heuristic:

• A number of machines exist which provide mail service (for example) but that do not provide telnet or rsh service, and although vulnerable, would be ignored under this attack. The MIT Project Athena mailhub, athena.mit.edu, is but one example.
• The telnet "probing" code immediately closed the connection upon finding that it had opened it. By the time the "inet daemon", the "switching station" which handles most incoming network services, identified the connection and started a telnet daemon, the connection was already closed, causing the telnet daemon to indicate an error condition of high enough priority to be logged on most systems.
  Thus the times of the earliest attacks were noted, if not the machines they came from.

2.3.3 Vulnerabilities not used

The virus did not exploit a number of obvious opportunities.

• When looking for lists of hosts to attack, it could have done "zone transfers" from the Internet domain name servers to find names of valid hosts [18]. Many of these records also include host type, so the search could have limited itself to the appropriate processor and operating system types.
• It did not attack both machine types consistently. If the VAX finger attack failed, it could have tried a Sun attack, but that hadn't been implemented.
• It did not try to find privileged users on the local host (such as root).

2.4 Defenses

There were many attempts to stop the virus. They varied in inconvenience to the end users of the vulnerable systems, in the amount of skill required to implement them, and in their effectiveness.

• Full isolation from network was frequently inconvenient, but was very effective in stopping the virus, and was simple to implement.
• Turning off mail service was inconvenient both to local users and to "downstream" sites, was ineffective at stopping the virus, but was simple to implement.
• Patching out the debug command in sendmail was only effective in conjunction with other fixes, did not interfere with normal users, and simple instructions for implementing the change were available.
• Shutting down the finger daemon was also effective only if the other holes were plugged as well, was annoying to users if not actually inconvenient, and was simple to perform.
• Fixing the finger daemon required source code, but was as effective as shutting it down, without annoying the users at all.
• mkdir /usr/tmp/sh was convenient, simple, and effective in preventing the virus from propagating⁵ (See Section A.8.2.)
• Defining pleasequit in the system libraries was convenient, simple, and did almost nothing to stop the virus (See Section A.3.2.)
• Renaming the UNIX C compiler and linker (cc and ld) was drastic, and somewhat inconvenient to users (though much less so than cutting off the network, since different names were available) but effective in stopping the virus.
• Requiring new passwords for all users (or at least all users who had passwords which the virus could guess) was difficult, but it only inconvenienced those users with weak passwords to begin with, and was effective in conjunction with the other fixes (See Section A.4.3 and Appendix B.)

After the virus was analyzed, a tool which duplicated the password attack (including the virus' internal dictionary) was posted to the network. This tool allowed system administrators to analyze the passwords in use on their system. The spread of this virus should be effective in raising the awareness of users (and administrators) to the importance of choosing "difficult" passwords.
Lawrence Livermore National Laboratories went as far as requiring all passwords be changed, and modifying the password changing program to test new passwords against the lists that include the passwords attacked by the virus [6].

⁵ However, both sets of binaries were still compiled, consuming processor time on an attacked machine.

3 Chronology

This is a description of the chronology of the virus, as seen from MIT. It is intended as a description of how one major Internet site discovered and reacted to the virus.
This includes the actions of our group at MIT which wound up decompiling the virus and discovering its inner details, and the people across country who were mounting similar efforts. It is our belief that the people involved acted swiftly and effectively during the crisis and deserve many thanks. Also, there is much to be learned from the way events unfolded. Some clear lessons for the future emerged, and as usual, many unresolved and difficult issues have also risen to the forefront to be considered by the networking and computer community.

The events described took place between Wednesday 2 November 1988 and Friday 11 November 1988. All times are stated in eastern standard time.
s t-bol.360 @sf -36 1054 p (3.1) s 49 r 87 c -2 r (ednesday:) s 23 r (Genesis) s t-rom.300 @sf -36 1131 p (Gene) s 11 r (Myers[) s 54 c -1 r 93 c 11 r (of) s 12 r (the) s 11 r (NCSC) s 11 r (analyzed) s 12 r (the) s 11 r (Cornell) s cmr7.300 @sf 803 1117 p 54 c t-rom.300 @sf 831 1131 p (mailer) s -36 1181 p (logs.) s 11 r (He) s 7 r (found) s 6 r (that) s 6 r (testing) s 6 r (of) s 7 r (the) s c-med.300 @sf 6 r (sendmail) s t-rom.300 @sf 7 r (attack) s 7 r 174 c (rst) s 6 r (oc-) s -36 1231 p (curred) s 7 r (on) s 9 r (19) s 8 r (October) s 9 r (1988) s 8 r (and) s 9 r (continued) s 7 r (through) s 8 r (28) s 8 r (Octo-) s -36 1281 p (ber) s 6 r (1988.) s 13 r (On) s 8 r (29) s 7 r (October) s 8 r (1988,) s 8 r (there) s 7 r (was) s 9 r (an) s 8 r (increased) s 9 r (level) s -36 1331 p (of) s 7 r (testing;) s 8 r (Gene) s 9 r (believes) s 9 r (the) s 9 r (virus) s 7 r (author) s 8 r (was) s 10 r (attempting) s 7 r (to) s -36 1380 p (send) s 12 r (the) s 14 r (binaries) s 13 r (over) s 14 r (the) s 13 r (SMTP) s 15 r (connections,) s 14 r (an) s 14 r (attempt) s -36 1430 p (which) s 7 r (was) s 10 r (bound) s 8 r (to) s 8 r (fail) s 9 r (since) s 9 r (the) s 9 r (SMTP) s 10 r (is) s 9 r (only) s 8 r (de) s 174 c (ned) s 9 r (for) s -36 1480 p 55 c 11 r (bit) s 10 r (ASCII) s 12 r (data) s 12 r (transfers[) s (12) s -1 r (].) s 20 r (The) s 12 r (author) s 12 r (appeared) s 13 r (to) s 11 r (go) s -36 1530 p (back) s 13 r (to) s 13 r (the) s 14 r (drawing) s 13 r (board,) s 14 r (returning) s 12 r (with) s 13 r (the) s 14 r 96 c -2 r (`grappl) s -1 r (ing) s -36 1580 p (hook') s -4 r 39 c 8 r (program) s 9 r (\(see) s 11 r (section) s 10 r (A.7\)) s 9 r (on) s 10 r 87 c -2 r (ednesday) s 9 r 50 c 9 r (Novem-) s -36 1630 p (ber) s 11 r (1988.) s 18 r (The) s 12 r (virus) s 11 r (was) s 13 r (tested) s 12 r (or) s 11 r (launched) s 12 r (at) s 12 r (5:01:59pm.) 
s -36 1679 p (The) s 16 r (logs) s 16 r (show) s 17 r (it) s 16 r (infecting) s 16 r 97 c 18 r (second) s 17 r (Cornell) s 16 r (machine) s 18 r (at) s -36 1729 p (5:04) s -1 r (pm.) s 18 r (This) s 13 r (may) s 12 r (have) s 13 r (been) s 13 r (the) s 12 r (genesis) s 12 r (of) s 12 r (the) s 12 r (virus,) s 12 r (but) s -36 1779 p (that) s 12 r (is) s 14 r (disputed) s 13 r (by) s 14 r (reports) s 13 r (in) s 14 r (the) s 14 r (New) s 15 r 89 c -3 r (ork) s 12 r 84 c (imes[) s 49 c -1 r 49 c -2 r 93 c 14 r (in) s -36 1829 p (which) s 8 r (Paul) s 10 r (Graham) s 10 r (of) s 10 r (Harvard) s 9 r (states) s 11 r (the) s 9 r (virus) s 9 r (started) s 10 r (on) s 9 r 97 c -36 1879 p (machine) s 9 r (at) s 11 r (the) s 10 r (MIT) s 10 r (AI) s 10 r (Lab) s 11 r (via) s 10 r (remote) s 10 r (login) s 9 r (from) s 10 r (Cornell.) s -36 1928 p (Cli) s -1 r 102 c -1 r 102 c 6 r (Stoll) s 5 r (of) s 7 r (Harvard) s 8 r (also) s 7 r (believes) s 8 r (that) s 6 r (the) s 7 r (virus) s 7 r (was) s 8 r (started) s -36 1978 p (from) s 10 r (the) s 12 r (MIT) s 12 r (AI) s 12 r (Lab.) s 19 r (At) s 12 r (the) s 11 r (time) s 12 r (this) s 11 r (paper) s 12 r (was) s 13 r (written,) s -36 2028 p (nobod) s -1 r 121 c 10 r (has) s 12 r (analyzed) s 13 r (the) s 12 r (infected) s 12 r (Cornell) s 10 r (machines) s 13 r (to) s 11 r (de-) s -36 2078 p (termine) s 8 r (where) s 11 r (the) s 10 r (virus) s 9 r (would) s 9 r (have) s 10 r (gone) s 10 r (next) s 10 r (if) s 9 r (they) s 10 r (were) s -36 2128 p (indeed) s 9 r (the) s 10 r 174 c (rst) s 10 r (infected) s 10 r (machines.) 
s 4 2177 p (In) s 8 r (any) s 8 r (case,) s 10 r (Paul) s 8 r (Flaherty) s 8 r (of) s 7 r (Stanford) s 7 r (reported) s 8 r (to) s 7 r (the) s t-ita.300 @sf 8 r (tcp-) s -36 2227 p (gr) s -1 r (ou) s -1 r (p@ucsd.edu) s t-rom.300 @sf 12 r (mailing) s 13 r (list) s 12 r (on) s 13 r (Friday) s 13 r (that) s 13 r (Stanford) s 13 r (was) s -36 2277 p (infected) s 11 r (at) s 12 r (9:00pm) s 11 r (and) s 13 r (that) s 11 r (it) s 12 r (got) s 11 r (to) s 12 r 96 c -2 r (`most) s 11 r (of) s 12 r (the) s 12 r (campus) s -36 2327 p (UNIX) s 9 r (machines) s 11 r (\(cf.) s 15 r 126 c 11 r (2500) s 10 r (boxes\).') s -2 r 39 c 13 r (He) s 10 r (also) s 11 r (reported) s 10 r (the) s -36 2377 p (viru) s -1 r 115 c 13 r (originated) s 12 r (from) s t-ita.300 @sf 14 r (pr) s -1 r (ep.ai.mit.edu) s t-rom.300 @sf 46 c 24 r (This) s 14 r (is) s 14 r (the) s 14 r (earliest) s -36 2427 p (report) s 8 r (of) s 10 r (the) s 10 r (virus) s 9 r (we) s 11 r (have) s 11 r (seen.) s 4 2476 p (At) s 9 r (9:30pm) s 9 r 87 c -2 r (ednesday) s -2 r 44 c t-ita.300 @sf 9 r (wombat.mit.edu) s t-rom.300 @sf 44 c 8 r 97 c 10 r (private) s 9 r (work-) s -36 2526 p (statio) s -1 r 110 c 7 r (at) s 10 r (MIT) s 9 r (Project) s 9 r (Athena) s 9 r (maintained) s 8 r (by) s 9 r (Mike) s 9 r (Shanzer) s -36 2560 p 390 2 ru cmr6.300 @sf 5 2588 p 54 c t-rom.240 @sf 22 2599 p (Cornell) s 11 r (systems) s 11 r (personel) s 10 r (had) s 10 r (discovered) s 9 r (unusual) s 10 r (messages) s 9 r (in) s 12 r (their) s -36 2638 p (mailer) s 11 r (logs) s 12 r (and) s 12 r (passed) s 12 r (the) s 12 r (logs) s 12 r (to) s 13 r (Berkeley) s 12 r (which) s 12 r (passed) s 11 r (them) s 12 r (to) s 13 r (the) s -36 2678 p (NCSC.) s 12 r (Later) s 12 r (it) s 12 r (was) s 12 r (reported) s 11 r (that) s 12 r (the) s 11 r (alleged) s 11 r (author) s 11 r (of) s 12 r (the) s 12 r (virus) s 11 r (was) s 12 r 97 c -36 2717 p (Cornell) s 6 r (graduate) s 7 r (student[) s (19) s -2 r (].) 
s t-rom.300 @sf 1012 96 p (was) s 12 r (infected.) s 14 r (It) s 10 r (was) s 11 r (running) s 9 r 97 c 11 r (version) s 10 r (of) s c-med.300 @sf 10 r (sendmail) s t-rom.300 @sf 10 r (with) s 1012 146 p (the) s c-med.300 @sf 11 r (debug) s t-rom.300 @sf 10 r (command) s 11 r (turned) s 9 r (on.) s 14 r (Mike) s 10 r (believes) s 11 r (that) s 9 r (the) s 11 r (at-) s 1012 196 p (tack) s 11 r (came) s 12 r (from) s t-ita.300 @sf 10 r (pr) s -1 r (ep.ai.mit.edu) s t-rom.300 @sf 9 r (since) s 10 r (he) s 11 r (had) s 10 r (an) s 11 r (account) s 10 r (on) s t-ita.300 @sf 1012 246 p (pr) s -1 r (ep) s t-rom.300 @sf 12 r (and) s t-ita.300 @sf 11 r (wombat) s t-rom.300 @sf 10 r (was) s 12 r (listed) s 11 r (in) s 11 r (his) s c-med.300 @sf 11 r (.rhosts) s t-rom.300 @sf 44 c 11 r 97 c 12 r 174 c (le) s 12 r (which) s 1012 295 p (speci) s 174 c (es) s 9 r 97 c 7 r (list) s 6 r (of) s 7 r (hosts) s 7 r (and) s 7 r (users) s 8 r (on) s 6 r (those) s 7 r (hosts) s 7 r (who) s 7 r (may) s 7 r (log) s 1012 345 p (into) s 9 r (an) s 10 r (account) s 9 r (over) s 10 r (the) s 9 r (network) s 9 r (without) s 8 r (supplying) s 7 r 97 c 10 r (pass-) s 1012 395 p (word.) s 22 r (Unfortunately) s 11 r (the) s 13 r (appropriate) s 12 r (logs) s 12 r (were) s 14 r (lost,) s 13 r (mak-) s 1012 445 p (ing) s 9 r (the) s 10 r (source) s 10 r (of) s 9 r (the) s 10 r (infection) s 8 r (uncertain.) 
s 14 r (\(The) s 10 r (logs) s 9 r (on) s t-ita.300 @sf 9 r (pr) s -1 r (ep) s t-rom.300 @sf 1012 495 p (were) s 15 r (forwarded) s 14 r (via) s c-med.300 @sf 14 r (syslog) s t-rom.300 @sf 44 c 14 r (the) s 14 r (4.3BSD) s 14 r (UNIX) s 14 r (logging) s 1012 544 p (package,) s 14 r (to) s 11 r (another) s 11 r (host) s 11 r (which) s 12 r (was) s 12 r (down) s 11 r (and) s 12 r (by) s 11 r (the) s 12 r (time) s 1012 594 p (anybody) s 9 r (looked) s 8 r (the) s c-med.300 @sf 8 r (wtmp) s t-rom.300 @sf 9 r (log,) s 9 r (which) s 8 r (records) s 10 r (logins,) s 8 r (it) s 8 r (was) s 1012 644 p (truncated,) s 10 r (perhaps) s 9 r (deliberately) s -2 r 44 c 9 r (to) s 8 r (some) s 10 r (point) s 8 r (on) s 9 r (Thursday) s -2 r 46 c 1012 694 p (The) s 11 r (lack) s 11 r (of) s 10 r (logging) s 8 r (information) s 8 r (and) s 11 r (the) s 10 r (routine) s 9 r (discarding) s 1012 744 p (of) s 10 r (what) s 11 r (old) s 9 r (logs) s 10 r (did) s 9 r (exist) s 10 r (hampered) s 11 r (investigation) s -1 r (s.\)) s 1054 797 p (Mike) s 10 r (Muuss) s 11 r (of) s 10 r (BRL) s 10 r (reported) s 10 r (at) s 11 r (the) s 11 r (NCSC) s 10 r (meeting) s 10 r (that) s 1012 846 p (RAND) s 16 r (was) s 17 r (also) s 16 r (hit) s 15 r (at) s 17 r (9:00pm) s 15 r (or) s 16 r (soon) s 15 r (thereafter;) s 19 r (Steve) s 1012 896 p (Miller) s 15 r (of) s 15 r (the) s 15 r (University) s 14 r (of) s 15 r (Maryland) s 15 r (\(UMD\)) s 15 r (reports) s 15 r (the) s 1012 946 p (UMD) s 11 r (was) s 11 r 174 c (rst) s 9 r (hit) s 10 r (at) s 10 r (10:54pm;) s 8 r (Phil) s 10 r (Lapsley) s 10 r (of) s 10 r (the) s 10 r (Univer-) s 1012 996 p (sity) s 8 r (of) s 7 r (California,) s 8 r (Berkeley) s 7 r (\(UCB\)) s 8 r (stated) s 8 r (that) s 7 r (Berkeley) s 8 r (was) s 1012 1046 p (hit) s 10 r (at) s 10 r 49 c -1 r (1:00pm.) 
s t-bol.360 @sf 1012 1181 p (3.2) s 51 r (Thursday) s 26 r (Morning:) s 41 r (\\This) s 28 r (isn't) s 26 r (April) s 1125 1240 p (First") s t-bol.300 @sf 1012 1323 p (3.2.1) s 42 r (Mor) s 101 c 16 r (People) s 16 r (Notice) s 16 r (the) s 17 r 86 c -1 r (irus) s t-rom.300 @sf 1012 1407 p (Dave) s 20 r (Edwards,) s 21 r (of) s 19 r (SRI) s 18 r (International,) s 19 r (said) s 19 r (at) s 19 r (the) s 18 r (NCSC) s 1012 1457 p (meeting) s 9 r (that) s 8 r (SRI) s 8 r (was) s 9 r (hit) s 7 r (at) s 9 r (midnight.) s 12 r (Chuck) s 8 r (Cole) s 8 r (and) s 8 r (Rus-) s 1012 1507 p (sell) s 9 r (Brand) s 9 r (of) s 9 r (the) s 9 r (Lawrence) s 10 r (Livermore) s 10 r (National) s 8 r (Laboratory) s 1012 1556 p (\(LLNL\)) s 13 r (reported) s 10 r (that) s 11 r (they) s 11 r (were) s 12 r (assembling) s 12 r (their) s 10 r (response) s 1012 1606 p (team) s 14 r (by) s 12 r (2:00am,) s 14 r (and) s 13 r (John) s 12 r (Bruner) s 12 r (independently) s 11 r (reported) s 1012 1656 p (spotting) s 11 r (the) s 12 r (virus) s 11 r (on) s 12 r (the) s 12 r (S1) s 13 r (machines) s 13 r (at) s 12 r (LLNL) s 14 r (about) s 11 r (that) s 1012 1706 p (time.) s 1054 1759 p (Pascal) s 15 r (Chesnais) s 13 r (of) s 13 r (the) s 14 r (MIT) s 13 r (Media) s 14 r (Lab) s 14 r (was) s 14 r (one) s 14 r (of) s 13 r (the) s 1012 1809 p 174 c (rst) s 8 r (people) s 8 r (at) s 8 r (MIT) s 8 r (to) s 7 r (spot) s 7 r (the) s 8 r (virus,) s 8 r (after) s 8 r (10:00pm) s 6 r 87 c -2 r (ednes-) s 1012 1858 p (day) s -2 r 44 c 9 r (but) s 8 r (assumed) s 9 r (it) s 8 r (was) s 9 r (just) s 8 r 96 c -2 r (`a) s 8 r (local) s 8 r (runaway) s 9 r (program') s -2 r ('.) s 11 r 65 c 1012 1908 p (group) s 9 r (at) s 9 r (the) s 9 r (Media) s 9 r (lab) s 9 r (killed) s 7 r (the) s 9 r (anomalous) s 9 r (shell) s 9 r (and) s 9 r (com-) s 1012 1958 p (pilers) s 9 r (processes,) s 11 r (and) s 10 r (all) s 9 r (seemed) s 11 r (normal.) 
s 13 r (After) s 9 r (going) s 8 r (for) s 9 r (an) s 1012 2008 p (dinner) s 14 r (and) s 14 r (ice) s 14 r (cream,) s 17 r (they) s 13 r 174 c (gured) s 14 r (out) s 13 r (that) s 13 r (it) s 13 r (was) s 15 r 97 c 14 r (virus) s 1012 2058 p (and) s 12 r (it) s 11 r (was) s 12 r (coming) s 11 r (in) s 11 r (via) s 12 r (mail.) s 18 r (Their) s 11 r (response) s 12 r (was) s 12 r (to) s 11 r (shut) s 1012 2107 p (down) s 14 r (network) s 14 r (services) s 15 r (such) s 15 r (as) s 15 r (mail) s 14 r (and) s 15 r (to) s 14 r (isolate) s 14 r (them-) s 1012 2157 p (selves) s 12 r (from) s 12 r (the) s 11 r (campus) s 12 r (network.) s 17 r (The) s 12 r (MIT) s 12 r 84 c -2 r (elecommuni-) s 1012 2207 p (cations) s 7 r (Network) s 7 r (Group') s -2 r 115 c 6 r (monitoring) s 4 r (information) s 6 r (shows) s 7 r (the) s 1012 2257 p (Media) s 14 r (Lab) s 14 r (gateway) s 14 r 174 c (rst) s 13 r (went) s 13 r (down) s 13 r (at) s 14 r 49 c -1 r (1:40p) s -1 r 109 c 12 r 87 c -2 r (ednes-) s 1012 2307 p (day) s -2 r 44 c 14 r (but) s 12 r (was) s 14 r (back) s 14 r (up) s 13 r (by) s 13 r (3:00am.) s 22 r (At) s 13 r (3:10am) s 13 r (Pascal) s 14 r (gave) s 1012 2356 p (the) s 9 r 174 c (rst) s 9 r (notice) s 8 r (of) s 9 r (the) s 8 r (virus) s 8 r (at) s 9 r (MIT) s -2 r 44 c 9 r (by) s 8 r (creating) s 9 r 97 c 9 r (message) s 11 r (of) s 1012 2406 p (the) s 11 r (day) s 10 r (on) s t-ita.300 @sf 10 r (media-lab) s t-rom.300 @sf 8 r (\(see) s 12 r (Figure) s 9 r (1\).) s t-bol.300 @sf 1012 2534 p (3.2.2) s 42 r (False) s 16 r (Alarms) s 15 r (or) s 17 r 84 c -3 r (esting?) 
s t-rom.300 @sf 1012 2617 p (Pascal) s 15 r (later) s 14 r (reported) s 13 r (that) s 13 r (logs) s 13 r (on) s t-ita.300 @sf 13 r (media-lab) s t-rom.300 @sf 12 r (show) s 14 r (several) s 1012 2667 p (scattered) s 12 r (messages,) s 14 r 96 c -2 r (`ttlo) s -1 r (op:) s 13 r (peer) s 12 r (died:) s 15 r (No) s 11 r (such) s 12 r 174 c (le) s 11 r (or) s 11 r (di-) s 1012 2717 p (rectory') s -2 r (',) s 15 r (which) s 14 r (frequently) s 14 r (occurred) s 15 r (just) s 14 r (before) s 15 r (the) s 14 r (virus) s 965 2842 p 55 c @eop 8 @bop0 cmr7.300 @sf [<0C001E001E001E001E000E000E000E00070007000300018000C0C0C0C060E0307FF87FFC7FFC6000> 14 20 -2 0 17] 55 @dc [<0FC03FF07838E018E01CE01CE03C70FC3BF81FF01FC03FE07E7078387038703838701FE00FC0> 14 19 -1 0 17] 56 @dc cmr6.300 @sf [<08001C001C001C001C001C000C000C000E0006000300C180C1807FC07FE07FE06000> 11 17 -2 0 15] 55 @dc [<1F003F8071C0E0E0E0E0E0E073E03FC01F803F8079C071C071C071C03F801F00> 11 16 -1 0 15] 56 @dc cmr7.300 @sf [<1F003FC070E0787078783038003C1FBC3FFC707CF03CF03CF03CF03CF038703838701FE00FC0> 14 19 -1 0 17] 57 @dc [<0FC01FE0387070387038F03CF03CF03CF03CF03CF03CF03CF03CF03C7038703838701FE00FC0> 14 19 -1 0 17] 48 @dc cmsy10.300 @sf [<00030003000700060006000E000C001C0018001800380030003000700060006000E000C000C001C001800380030003000700 060006000E000C000C001C001800180038003000700060006000E000C000C000> 16 41 -2 10 21] 110 @dc cmr6.300 @sf [<3E007F00738071C000C008E03FE07FE0E1E0E0E0E0E0E0E0E0C071C03F801F00> 11 16 -1 0 15] 57 @dc [<1F003F8071C060C0E0E0E0E0E0E0E0E0E0E0E0E0E0E0E0E060C071C03F801F00> 11 16 -1 0 15] 48 @dc /Times-Italic /t-ita.240 ReEncodeForTeX /t-ita.240 /t-ita.240 33.208800 TeXPSmakefont def 8 @bop1 c-med.300 @sf -36 124 p 65 c 23 r (Virus) s 25 r (has) s 24 r (been) s 25 r (detected) s 24 r (on) s 25 r (media-lab,) s 24 r (we) s 24 r (suspect) s 25 r (that) s 24 r (whole) s 25 r (internet) s 24 r (is) s -36 174 p (infected) s 23 r (by) s 24 r (now.) 
s 50 r (The) s 24 r (virus) s 25 r (is) s 25 r (spread) s 24 r (via) s 25 r (mail) s 24 r (of) s 25 r (all) s 24 r (things...) s 24 r (So) s 25 r (Mail) s -36 224 p (outside) s 23 r (of) s 24 r (media-lab) s 25 r (will) s 24 r (NOT) s 25 r (be) s 24 r (accepted.) s 49 r (Mail) s 25 r (addressed) s 24 r (to) s 25 r (foreign) s -36 273 p (hosts) s 23 r (will) s 24 r (NOT) s 25 r (be) s 25 r (delivered.) s 49 r (This) s 24 r (situation) s 24 r (will) s 25 r (continue) s 24 r (until) s 24 r (someone) s -36 323 p (figures) s 23 r (out) s 24 r 97 c 25 r (way) s 25 r (of) s 25 r (killing) s 24 r (the) s 24 r (virus) s 25 r (and) s 24 r (telling) s 25 r (everyone) s 24 r (how) s 24 r (to) s -36 373 p (do) s 23 r (it) s 25 r (without) s 24 r (using) s 25 r (email...) s -36 473 p (---) s 23 r (lacsap) s 24 r (Nov) s 25 r 51 c 25 r (1988) s 24 r (03:10am) s t-rom.300 @sf 374 605 p (Figure) s 9 r (1:) s 14 r (Thursday) s 10 r (morning') s -2 r 115 c 9 r (message) s 12 r (of) s 9 r (the) s 11 r (day) s 10 r (on) s t-ita.300 @sf 10 r (media-lab.mit.edu) s t-rom.300 @sf 46 c -36 739 p (attacked) s 11 r (\(see) s 12 r (section) s 11 r (A.5.2\).) s 19 r (There) s 12 r (were) s 13 r 97 c 12 r (few) s 12 r (every) s 12 r (cou-) s -36 789 p (ple) s 8 r (of) s 9 r (days,) s 10 r (several) s 10 r (during) s 8 r 87 c -2 r (ednesday) s 8 r (afternoon) s 9 r (and) s 9 r (many) s -36 839 p (startin) s -1 r 103 c 10 r (at) s 11 r (9:48pm.) 
s 17 r (The) s 13 r (logs) s 10 r (on) s t-ita.300 @sf 12 r (media-lab) s t-rom.300 @sf 10 r (start) s 11 r (on) s 11 r (25) s 11 r (Oc-) s -36 888 p (tober) s 8 r (1988) s 8 r (and) s 10 r (entries) s 9 r (were) s 11 r (made) s 10 r (by) s c-med.300 @sf 10 r (telnetd) s t-rom.300 @sf 9 r (on) s 9 r (the) s 10 r (fol-) s -36 938 p (lowi) s -1 r (ng) s 12 r (dates) s 14 r (before) s 14 r (the) s 14 r (swarm) s 14 r (on) s 14 r 87 c -2 r (ednesday) s 13 r (night:) s 19 r (Oct) s -36 988 p (26) s 15 r (15:01:57) s -1 r 44 c 17 r (Oct) s 17 r (28) s 17 r 49 c -1 r (1:26:) s -1 r (55,) s 16 r (Oct) s 17 r (28) s 17 r (17:36:51) s -1 r 44 c 17 r (Oct) s 17 r (31) s -36 1038 p (16:2) s -1 r (4:4) s -1 r (1,) s 6 r (Nov) s 7 r 49 c 7 r (16:08:24) s -1 r 44 c 7 r (Nov) s 6 r 49 c 7 r (18:02:43,) s 6 r (Nov) s 7 r 49 c 6 r (18:58:30,) s -36 1088 p (Nov) s 8 r 50 c 10 r (12:23:51,) s 9 r (and) s 10 r (Nov) s 10 r 50 c 10 r (15:21:47.) s 4 1143 p (It) s 9 r (is) s 9 r (not) s 9 r (clear) s 10 r (whether) s 10 r (these) s 10 r (represent) s 10 r (early) s 9 r (testing) s 9 r (of) s 9 r (the) s -36 1193 p (viru) s -1 r (s,) s 12 r (or) s 12 r (if) s 12 r (they) s 12 r (were) s 13 r (just) s 12 r (truly) s 11 r (accidental) s 13 r (premature) s 13 r (clos-) s -36 1243 p (ings) s 6 r (of) s 7 r (telnet) s 7 r (connections.) s 13 r 87 c -2 r 101 c 7 r (assume) s 9 r (the) s 7 r (latter) s -1 r 46 c 12 r 87 c -1 r (ith) s 6 r (hind-) s -36 1292 p (sight) s 9 r (we) s 13 r (can) s 12 r (say) s 12 r 97 c c-med.300 @sf 13 r (telnetd) s t-rom.300 @sf 11 r (that) s 11 r (logged) s 11 r (its) s 11 r (peer) s 13 r (address,) s -36 1342 p (even) s 8 r (for) s 8 r (such) s 9 r (error) s 8 r (messages,) s 11 r (would) s 8 r (have) s 9 r (been) s 9 r (quite) s 8 r (useful) s -36 1392 p (in) s 8 r (tracing) s 10 r (the) s 10 r (origin) s 8 r (and) s 11 r (progress) s 10 r (of) s 10 r (the) s 10 r (virus.) 
s t-bol.300 @sf -36 1533 p (3.2.3) s 40 r (E-mail) s 14 r (warnings) s t-rom.300 @sf -36 1621 p (The) s 10 r 174 c (rst) s 11 r (posting) s 10 r (mentioning) s 9 r (the) s 11 r (virus) s 10 r (was) s 12 r (by) s 10 r (Peter) s 12 r 89 c -3 r (ee) s 11 r (of) s -36 1671 p (NASA) s 11 r (Ames) s 14 r (at) s 13 r (2:28am) s 12 r (on) s 13 r 87 c -2 r (ednesday) s 12 r (to) s 12 r (the) s t-ita.300 @sf 13 r (tcp-ip@sri-) s -36 1720 p (nic.arpa) s t-rom.300 @sf 6 r (mailing) s 7 r (list.) s 12 r (Peter) s 9 r (stated) s 8 r (that) s 7 r (UCB,) s 8 r (UCSD,) s 8 r (LLNL,) s -36 1770 p (Stanford) s -1 r 44 c 19 r (and) s 19 r (NASA) s 18 r (Ames) s 20 r (had) s 18 r (been) s 19 r (attacked,) s 21 r (and) s 18 r (de-) s -36 1820 p (scribed) s 16 r (the) s 17 r (use) s 18 r (of) s 17 r (sendmail) s 17 r (to) s 17 r (pull) s 16 r (over) s 17 r (the) s 18 r (virus) s 16 r (bina-) s -36 1870 p (ries,) s 16 r (including) s 13 r (the) s 15 r (x*) s 15 r 174 c (les) s 16 r (which) s 15 r (the) s 15 r (virus) s 15 r (brie) s 175 c 121 c 15 r (stored) s -36 1920 p (in) s c-med.300 @sf 9 r (/usr/tmp) s t-rom.300 @sf 46 c 17 r (The) s 12 r (virus) s 11 r (was) s 12 r (observed) s 11 r (sending) s 11 r 86 c -4 r (AX) s 10 r (and) s -36 1970 p (Sun) s 8 r (binaries,) s 10 r (having) s 9 r (DES) s 10 r (tables) s 10 r (built) s 8 r (in,) s 10 r (and) s 9 r (making) s 10 r (some) s -36 2019 p (use) s 8 r (of) s c-med.300 @sf 9 r (.rhosts) s t-rom.300 @sf 9 r (and) s c-med.300 @sf 9 r (hosts.equiv) s 8 r t-rom.300 @sf 174 c (les.) s 14 r 65 c 9 r (phone) s 9 r (num-) s -36 2069 p (ber) s 9 r (at) s 11 r (Berkeley) s 11 r (was) s 11 r (given) s 10 r (and) s 11 r (Phil) s 10 r (Lapsley) s 11 r (and) s 11 r (Kurt) s 9 r (Pires) s -36 2119 p (were) s 10 r (listed) s 9 r (as) s 11 r (being) s 9 r (knowledgeable) s 10 r (about) s 10 r (the) s 10 r (virus.) 
s 4 2174 p (At) s 8 r (3:34am) s 8 r (Andy) s 7 r (Sudduth) s 7 r (from) s 8 r (Harvard) s 8 r (made) s 9 r (his) s 8 r (anony-) s -36 2224 p (mous) s 14 r (posting) s cmr7.300 @sf 192 2210 p 55 c t-rom.300 @sf 224 2224 p (to) s t-ita.300 @sf 15 r (tcp-ip@sri-nic.arpa) s cmr7.300 @sf 619 2210 p 56 c t-rom.300 @sf 653 2224 p (The) s 16 r (posting) s 14 r (said) s -36 2274 p (that) s 12 r 97 c 15 r (virus) s 14 r (might) s 14 r (be) s 14 r (loose) s 15 r (on) s 14 r (the) s 14 r (Internet) s 14 r (and) s 15 r (that) s 13 r (there) s -36 2324 p (were) s 16 r (three) s 17 r (steps) s 17 r (to) s 17 r (take) s 17 r (to) s 17 r (prevent) s 16 r (further) s 16 r (transmission.) s -36 2374 p (These) s 15 r (included) s 14 r (not) s 14 r (running) s c-med.300 @sf 13 r (fingerd) s t-rom.300 @sf 15 r (or) s 15 r 174 c (xing) s 14 r (it) s 14 r (not) s 14 r (to) s -36 2423 p (overwrit) s -1 r 101 c 14 r (the) s 15 r (stack) s 16 r (when) s 15 r (reading) s 15 r (its) s 14 r (ar) s (guments) s 15 r (from) s 15 r (the) s -36 2481 p 390 2 ru cmr6.300 @sf 5 2509 p 55 c t-rom.240 @sf 22 2520 p (In) s 8 r 97 c 8 r (message) s 7 r (to) s 9 r (the) s 8 r (same) s 7 r (mailing) s 8 r (list) s 9 r (on) s 8 r (Saturday) s 7 r 53 c 8 r (November) s 7 r (1988,) s -36 2559 p (he) s 6 r (acknowledged) s 6 r (being) s 7 r (the) s 8 r (author) s 8 r (of) s 8 r (the) s 8 r (Thursday) s 7 r (morning) s 7 r (message) s 8 r (and) s -36 2599 p (stated) s 11 r (he) s 12 r (had) s 11 r (posted) s 12 r (the) s 12 r (message) s 11 r (anonymously) s 10 r (because) s 11 r 96 c -1 r (`at) s 11 r (the) s 13 r (time) s 12 r 73 c -36 2638 p (didn') s -1 r 116 c 7 r (want) s 7 r (to) s 9 r (answer) s 7 r (questions) s 7 r (about) s 7 r (how) s 7 r 73 c 9 r (knew) s -2 r (.') s -2 r 39 c cmr6.300 @sf 5 2667 p 56 c t-rom.240 @sf 22 2678 p (An) s 10 r 96 c -1 r (`obsc) s -1 r (ure) s 8 r (electronic) s 9 r (bulletin) s 9 r (board') s -1 r (',) s 8 r (according) s 8 r (to) s 10 r (the) s 10 r (New) s 10 r 89 c -2 
r (ork) s -36 2717 p 84 c (ime) s -1 r (s[) s 49 c -1 r 49 c -3 r (].) s 12 r (Nothing) s 7 r (could) s 7 r (be) s 8 r (further) s 7 r (from) s 8 r (the) s 8 r (truth.) s t-rom.300 @sf 1012 739 p (net) s cmr7.300 @sf 1063 725 p 57 c t-rom.300 @sf 1082 739 p 44 c 22 r (being) s 18 r (sure) s c-med.300 @sf 20 r (sendmail) s t-rom.300 @sf 19 r (was) s 20 r (compiled) s 18 r (without) s 18 r (the) s c-med.300 @sf 1012 789 p (debug) s t-rom.300 @sf 10 r (command,) s 12 r (and) s 10 r (not) s 10 r (running) s c-med.300 @sf 8 r (rexecd) s t-rom.300 @sf 46 c 1054 840 p (Mike) s 11 r (Patton,) s 10 r (Network) s 10 r (Manager) s 12 r (for) s 10 r (the) s 11 r (MIT) s 11 r (Laboratory) s 1012 889 p (for) s 9 r (Computer) s 8 r (Science) s 10 r (\(LCS\),) s 9 r (was) s 9 r (the) s 9 r 174 c (rst) s 8 r (to) s 8 r (point) s 7 r (out) s 8 r (to) s 9 r (us) s 1012 939 p (the) s 8 r (peculiarities) s 7 r (of) s 7 r (this) s 7 r (posting.) s 12 r (It) s 7 r (was) s 8 r (made) s 9 r (from) s 8 r (an) s 8 r (Annex) s 1012 989 p (terminal) s 14 r (server) s cmr7.300 @sf 1266 975 p (10) s t-rom.300 @sf 1315 989 p (at) s 14 r (Aiken) s 13 r (Laboratory) s 13 r (at) s 14 r (Harvard,) s 15 r (by) s 13 r (tel-) s 1012 1039 p (neting) s 9 r (to) s 10 r (the) s 10 r (SMTP) s 10 r (port) s 9 r (of) s t-ita.300 @sf 10 r (iris.br) s -1 r (own.edu) s t-rom.300 @sf 46 c 12 r (This) s 10 r (is) s 10 r (obvious) s 1012 1089 p (since) s 14 r (the) s 12 r (message) s 15 r (was) s 13 r (from) s 13 r 96 c -2 r (`foo%) s -1 r (bar) s -2 r (.arpa') s -2 r 39 c 10 r (and) s 13 r (because) s 1012 1139 p (the) s 14 r (last) s 14 r (line) s 13 r (of) s 14 r (the) s 13 r (message) s 16 r (was) s 15 r 96 c -2 r (`qui) s cmsy10.300 @sf -1 r 110 c t-rom.300 @sf (177) s cmsy10.300 @sf -1 r 110 c t-rom.300 @sf (177) s cmsy10.300 @sf -1 r 110 c t-rom.300 @sf (177) s -1 r 39 c -3 r (',) s 13 r (an) s 1012 1188 p (attempt) s 14 r (to) s 12 r (get) s 14 r (rubout) s 12 r (processing) s 13 r (out) s 12 r (of) s 13 r 
(the) s 14 r (Brown) s 12 r (SMTP) s 1012 1238 p (server) s -1 r 44 c 11 r 97 c 11 r (common) s 10 r (mistake) s 11 r (when) s 10 r (faking) s 10 r (Internet) s 9 r (mail.) s 1054 1289 p (It) s 8 r (was) s 10 r (ironic) s 8 r (that) s 8 r (this) s 8 r (posting) s 8 r (did) s 8 r (almost) s 9 r (no) s 8 r (good.) s 13 r (Figure) s 1012 1339 p 50 c 12 r (shows) s 12 r (the) s 12 r (path) s 12 r (it) s 11 r (took) s 11 r (to) s 11 r (get) s 12 r (to) s 11 r (Athena.) s 20 r (There) s 13 r (was) s 12 r 97 c 13 r (20) s 1012 1389 p (hour) s 11 r (delay) s 10 r (before) s 11 r (the) s 11 r (message) s 13 r (escaped) s 12 r (from) s t-ita.300 @sf 11 r 114 c -1 r (elay) s -1 r (.cs.net) s cmr7.300 @sf 1953 1375 p (11) s t-rom.300 @sf 1012 1438 p (and) s 15 r (got) s 14 r (to) s t-ita.300 @sf 14 r (sri-nic.arpa) s t-rom.300 @sf 46 c 26 r (Another) s 14 r 54 c 15 r (hours) s 14 r (went) s 14 r (by) s 14 r (before) s 1012 1488 p (the) s 9 r (message) s 11 r (was) s 9 r (received) s 10 r (by) s t-ita.300 @sf 8 r (athena.mit.edu) s cmr7.300 @sf 1751 1474 p (12) s t-rom.300 @sf 1786 1488 p 46 c 14 r (Other) s 9 r (sites) s 1012 1538 p (have) s 11 r (reported) s 10 r (similar) s 10 r (delays.) s t-bol.300 @sf 1012 1654 p (3.2.4) s 42 r 89 c -4 r (et) s 16 r (Mor) s 101 c 16 r (People) s 16 r (Notice) s 16 r (the) s 16 r 86 c -1 r (irus) s t-rom.300 @sf 1012 1733 p (About) s 18 r (4:00am) s 18 r (Thursday) s 18 r (Richard) s 18 r (Basch) s 18 r (of) s 18 r (MIT) s 19 r (Project) s 1012 1783 p (Athena) s 12 r (noticed) s 11 r 97 c 12 r 96 c -2 r (`text) s 10 r (table) s 11 r (full') s -2 r 39 c c-med.300 @sf 9 r (syslog) s t-rom.300 @sf 11 r (message) s 14 r (from) s t-ita.300 @sf 1012 1833 p (paris.mit.edu) s t-rom.300 @sf 44 c 23 r (an) s 21 r (Athena) s 20 r (development) s 20 r (machine.) 
s 45 r (Since) s 1012 1883 p (there) s 8 r (was) s 8 r (only) s 6 r (one) s 8 r (message) s 9 r (and) s 7 r (he) s 8 r (was) s 8 r (busy) s 7 r (doing) s 6 r 97 c 8 r (project) s 1012 1933 p (for) s 10 r 97 c 11 r (digital) s 9 r (design) s 9 r (lab) s 10 r (course,) s 11 r (he) s 11 r (ignored) s 9 r (it.) s 1054 1983 p (At) s 12 r (4:51am) s 13 r (Chris) s 11 r (Hanson) s 13 r (of) s 12 r (the) s 13 r (MIT) s 13 r (AI) s 12 r (Laboratory) s 12 r (re-) s 1012 2033 p (ported) s 16 r (spotting) s 15 r (anomalous) s 17 r (telnet) s 16 r (traf) s 174 c 99 c 16 r (to) s 16 r (serveral) s 17 r (gate-) s 1012 2083 p (ways) s 12 r (coming) s 11 r (from) s 11 r (machines) s 12 r (at) s 12 r (LCS.) s 12 r (He) s 11 r (noted) s 11 r (that) s 11 r (the) s 11 r (at-) s 1012 2133 p (tempts) s 14 r (were) s 14 r (occurring) s 13 r (every) s 14 r (one) s 14 r (or) s 13 r (two) s 14 r (seconds) s 14 r (and) s 14 r (had) s 1012 2183 p (been) s 11 r (happening) s 10 r (for) s 9 r (several) s 11 r (hours.) s 1054 2234 p (At) s 17 r (5:58am) s 17 r (Thursday) s 18 r (morning) s 16 r (Keith) s 17 r (Bostic) s 17 r (of) s 18 r (Berke-) s 1012 2283 p (ley) s 19 r (made) s 21 r (the) s 19 r 174 c (rst) s 18 r (bug) s 19 r 174 c 120 c 19 r (posting.) s 39 r (The) s 20 r (message) s 21 r (went) s 1012 2323 p 390 2 ru cmr6.300 @sf 1055 2351 p 57 c t-rom.240 @sf 1072 2362 p (This) s 11 r (was) s 10 r 97 c 10 r (level) s 10 r (of) s 10 r (detail) s 10 r (that) s 10 r (only) s 10 r (the) s 10 r (originator) s 9 r (of) s 10 r (the) s 10 r (virus) s 10 r (could) s 1012 2401 p (have) s 7 r (known) s 7 r (at) s 8 r (that) s 8 r (time.) 
s 12 r 84 c -1 r 111 c 7 r (our) s 7 r (knowledge) s 6 r (nobody) s 6 r (had) s 7 r (yet) s 8 r (identi) s 174 c (ed) s 8 r (the) s 1012 2440 p 174 c (nger) s 8 r (bug,) s 7 r (since) s 8 r (it) s 8 r (only) s 7 r (af) s (fected) s 7 r (certain) s 7 r 86 c -3 r (AX) s 7 r (hosts,) s 8 r (and) s 7 r (certainly) s 7 r (nobody) s 1012 2480 p (had) s 8 r (discovered) s 6 r (its) s 9 r (mechanism.) s cmr6.300 @sf 1040 2509 p (10) s t-rom.240 @sf 1072 2520 p (Perhaps) s 8 r (ironically) s 7 r (named) s t-ita.240 @sf 7 r (in) s 175 c (uenza.har) s -1 r (var) s -2 r (d.edu) s t-rom.240 @sf -1 r 46 c cmr6.300 @sf 1040 2548 p (11) s t-rom.240 @sf 1072 2559 p (This) s 11 r (is) s 11 r (probably) s 8 r (because) s t-ita.240 @sf 9 r 114 c (elay) s -2 r (.cs.net) s t-rom.240 @sf 9 r (was) s 10 r (of) s 102 c 10 r (the) s 10 r (air) s 10 r (during) s 10 r (most) s 10 r (of) s 1012 2599 p (the) s 8 r (crisis.) s cmr6.300 @sf 1040 2627 p (12) s t-rom.240 @sf 1072 2638 p (Phil) s 9 r (Lapsley) s 7 r (and) s 7 r (Mike) s 7 r (Karels) s 8 r (of) s 8 r (Berkeley) s 7 r (reported) s 6 r (that) s 8 r (the) s 8 r (only) s 7 r (way) s 1012 2678 p (to) s 7 r (get) s 7 r (mail) s 7 r (to) s t-ita.240 @sf 6 r (tcp-ip@sri-nic.arpa) s t-rom.240 @sf 5 r (to) s 7 r 175 c (ow) s 7 r (quickly) s 5 r (is) s 7 r (to) s 7 r (call) s 7 r (up) s 6 r (Mark) s 5 r (Lottor) s 1012 2717 p (at) s 9 r (SRI) s 9 r (and) s 7 r (ask) s 8 r (him) s 8 r (to) s 8 r (manually) s 7 r (push) s 7 r (the) s 7 r (queue) s 7 r (through.) 
to the tcp-ip@sri-nic.arpa mailing list and the newsgroups comp.bugs.4bsd.ucb-fixes, news.announce, and news.sysadmin. It supplied the "compile without the debug command" fix to sendmail (or patch the debug command to a garbage string), as well as the very wise suggestion to rename the UNIX C compiler and loader (cc and ld), which was effective since the virus needed to compile and link itself, and which would be effective at protecting against non-sendmail attacks, whatever those might have turned out to be. It also told people that the virus renamed itself to "(sh)" and used temporary files in /usr/tmp named XNNN,vax.o, XNNN,sun3.o, and XNNN,l1.c (where NNN were random numbers, possibly process id's), and suggested that you could identify infected machines by looking for these files. That was somewhat difficult to do in practice, however, since the virus quickly got rid of all of these files. A somewhat better solution was proposed later in the day by, among others, John Kohl of DEC and Project Athena, who suggested doing a cat -v /usr/tmp, thus revealing the raw contents of the directory, including the names of deleted files whose directory slots had not yet been re-used [footnote 13].

[footnote 13] Jerry Saltzer, MIT EECS Professor and Technical Director of Project Athena, included similar detection advice in a message describing the virus to the Athena staff sent at 11:17am on Friday.

    Received: by ATHENA.MIT.EDU (5.45/4.7) id AA29119; Sat, 5 Nov 88 05:59:13 EST
    Received: from RELAY.CS.NET by SRI-NIC.ARPA with TCP; Fri, 4 Nov 88 23:23:24 PST
    Received: from cs.brown.edu by RELAY.CS.NET id aa05627; 3 Nov 88 3:47 EST
    Received: from iris.brown.edu (iris.ARPA) by cs.brown.edu (1.2/1.00)
            id AA12595; Thu, 3 Nov 88 03:47:19 est
    Received: from (128.103.1.92) with SMTP via tcp/ip
            by iris.brown.edu on Thu, 3 Nov 88 03:34:46 EST

Figure 2: Path of Andy Sudduth's warning message from Harvard to MIT.

The fingerd attack was not even known, much less understood, at this point. Phil Lapsley reported at the NCSC meeting that Ed Wang of Berkeley discovered the fingerd mechanism around 8:00am and sent mail to Mike Karels, but this mail went unread until after the crisis had passed.

At 8:06am Gene Spafford of Purdue forwarded to the nntp-managers@ucbvax.berkeley.edu mailing list Keith Bostic's fixes. Ted Ts'o of MIT Project Athena forwarded this to an internal Project Athena hackers list (watchmakers@athena.mit.edu) at 10:07am. He expressed disbelief ("no, it's not April 1st"), and thought Athena machines were safe. Though no production Athena servers were infected, several private workstations and development machines were, so this proved overly optimistic.

Mark Reinhold, an MIT LCS graduate student, reacted to the virus around 8:00am by powering off some network equipment in LCS. Tim Shepard, also an LCS graduate student, soon joined him. They were hampered by a growing number of people who wanted information about what was happening. Mark and Tim tried to call Peter Yee several times and eventually managed to get through to Phil Lapsley who relayed what was then known about the virus.

At about this time, Richard Basch returned to his workstation (you can only do so much school-work after all) and noticed many duplicates of the "text table full" messages from paris and went to investigate. He discovered several suspicious logins from old accounts which should have long ago been purged. The load was intolerably high, and he only managed to get one line out of a netstat command before giving up, but that proved quite interesting. It showed an outgoing rsh connection from paris to fmgc.mit.edu, which is a standalone non-UNIX gateway.

During Thursday morning Ray Hirschfeld spotted the virus on the MIT Math department Sun workstations and shut down the math gateway to the MIT backbone at 10:15am. It remained down until 3:15pm.

Around 11:00am the MIT Statistics Center called Dan Geer, Manager of System Development at Project Athena. One of their Sun workstations, dolphin.mit.edu, had been infected via a Project Athena guest account with a weak password, along with the account of a former staff member. This infection had spread to all hosts in the Statistics Center. They had been trying for some time prior to calling Dan to eradicate the virus, but the continual reinfection among their local hosts had proved insurmountably baffling.

Keith Bostic sent a second virus fix message to comp.4bsd.ucb-fixes at 11:12am. It suggested using 0xff instead of 0x00 in the binary patch to sendmail. The previous patch, while effective against the current virus, would drop you into debug mode if you sent an empty command line. He also suggested using the UNIX strings command to look in the sendmail binary for the string "debug". If it didn't appear at all then your version of sendmail was safe.

About 11:30am Pascal Chesnais requested that the Network Group isolate the Media Lab building and it remained so isolated until Friday at 2:30pm.

Russ Mundy of the Defense Communications Agency reported at the NCSC meeting that the MILNET to ARPANET mailbridges were shut down at 11:30am and remained down until Friday at 11:00am.

In response to complaints from non-UNIX users, Mark Reinhold and Stan Zanarotti, another LCS graduate student, turned on the repeaters at LCS which had been previously powered down and physically disconnected UNIX machines from the network around 11:15am. Tim Shepard reloaded a root partition of one machine from tape (to start with known software), and added a feature to find, a UNIX file system scanner, to report low-level modification times. Working with Jim Fulton of the X Consortium, Tim inspected allspice.lcs.mit.edu; by 1:00pm, they had verified that the virus had not modified any files on allspice and had installed a recompiled sendmail.

3.3 Thursday Afternoon: "This is Bad News"

3.3.1 Word Spreads

By the time Jon Rochlis of the MIT Telecommunications Network Group arrived for work around noon on Thursday 3 November 1988, the Network Group had received messages from MIT Lincoln Laboratory saying they had "been brought to their knees" by the virus, from Sergio Heker of the John Von Neumann National Supercomputer Center warning of network problems, and from Kent England of Boston University saying they had cut their external links. The MIT Network Group loathed the thought of severing MIT's external connections and never did throughout the crisis.

At 1:30pm Dan Geer and Jeff Schiller, Manager of the MIT Network and Project Athena Operations Manager, returned to the MIT Statistics Center and were able to get both VAX and Sun binaries from infected machines.

Gene Spafford posted a message at 2:50pm Thursday to a large number of people and mailing lists including nntp-managers@ucbvax.berkeley.edu, which is how we saw it quickly at MIT. It warned that the virus used rsh and looked in hosts.equiv and .rhosts for more hosts to attack.

Around this time the MIT group in E40 (Project Athena and the Telecommunications Network Group) called Milo Medin of NASA and found out much of the above. Many of us had not yet seen the messages. He pointed out that the virus just loved to attack gateways, which were found via the routing tables, and remarked that it must have not been effective at MIT where we run our own C Gateway code on our routers, not UNIX. Milo also said that it seemed to randomly attack network services, swamping them with input. Some daemons that ran on non-standard ports had logged such abnormal input. At the time we thought the virus might be systematically attacking all possible network services exploiting some unknown common flaw. This was not true but it seemed scary at the time. Milo also informed us that DCA had shut down the mailbridges which serve as gateways between the MILNET and the ARPANET. He pointed us to the group at Berkeley and Peter Yee specifically.

3.3.2 It uses finger

At about 6:00pm on Thursday, Ron Hoffmann, of the MIT Telecommunications Network Group, observed the virus attempting to log into a standalone router using the Berkeley remote login protocol; the remote login attempt originated from a machine previously believed immune since it was running a mailer with the debug command turned off. The virus was running under the user name of nobody, and it appeared that it had to be attacking through the finger service, the only network service running under that user name. At that point, we called the group working at Berkeley; they confirmed our suspicions that the virus was spreading through fingerd.

On the surface, it seemed that fingerd was too simple to have a protection bug similar to the one in sendmail; it was a very short program, and the only program it invoked (using the UNIX exec system call) was named using a constant pathname. A check of the modification dates of both /etc/fingerd and /usr/ucb/finger showed that both had been untouched, and both were identical to known good copies located on a read-only filesystem.

Berkeley reported that the attack on finger involved "shoving some garbage at it", probably control A's; clearly an overrun buffer wound up corrupting something.

Bill Sommerfeld of Apollo Computer and MIT Project Athena guessed that this bug might involve overwriting the saved program counter in the stack frame; when he looked at the source for fingerd, he found that the buffer it was using was located on the stack; in addition, the program used the C library gets function, which assumes that the buffer it is given is long enough for the line it is about to read. To verify that this was a viable attack, he then went on to write a program which exploited this hole in a benign way. The test virus sent the string "Bozo!" back out the network connection.

Miek Rowan and Mike Spitzer also report having discovered the fingerd mechanism at about the same time and forwarded their discovery to Gene Spafford and Keith Bostic, but in the heat of the moment the discovery went unrecognized. Liudvikas Bukys of the University of Rochester posted to the comp.bugs.4bsd newsgroup a detailed description of the fingerd mechanism at 7:21pm. The message also stated that the virus used telnet but perhaps that was only after cracking passwords. In reality it only sometimes used telnet to "qualify" a machine for later attack, and only used rsh and rexec to take advantage of passwords it had guessed.

A risks@kl.sri.com digest[20] came out at 6:52pm. It included a message from Cliff Stoll which described the spread of the virus on MILNET and suggested that MILNET sites might want to remove themselves from the network. Cliff concluded by saying, "This is bad news." Other messages were from Gene Spafford, Peter Neumann of SRI, and Matt Bishop of Dartmouth. They described the sendmail propagation mechanism.

3.4 Thursday Evening: "With Microscope and Tweezers"

3.4.1 Getting Down To Work

In the office of the Student Information Processing Board (SIPB), Stan Zanarotti and Ted Ts'o had managed to get a VAX binary and core dump from the virus while it was running on a machine at LCS.

Stan and Ted started attacking the virus. Pretty soon they had figured out the xor encoding of the text strings embedded in the program and were manually decoding them. By 9:00pm Ted had written a program to decode all the strings and we had the list of strings used by the program, except for the built-in dictionary which was encoded in a different fashion (by turning on the high order bit of each character).

At the same time they discovered the IP address of ernie.berkeley.edu, 128.32.137.13, in the program; they proceeded to take apart the virus routine send_message to figure out what it was sending to ernie, how often, and if a handshake was involved. Stan told Jon Rochlis in the MIT Network Group of the SIPB group's progress. The people in E40 called Berkeley and reported the finding of ernie's address. Nobody seemed to have any idea why that was there.

At 9:20pm Gene Spafford created the mailing list phage@purdue.edu. It included all the people he had been mailing virus information to since the morning; more people were to be added during the next few days. This list proved invaluable, since it seemed to have many of the "right" people on it and seemed to work in near real time despite all the network outages.

At 10:18pm Keith Bostic made his third bug fix posting. It included new source code for fingerd which used fgets instead of gets and did an exit instead of return. He also included a more general sendmail patch which disabled the debug command completely.

3.4.2 The Media Descends

About this time a camera crew from WNEV-TV Channel 7 (the Boston CBS affiliate) showed up at the office of James D. Bruce, MIT EECS Professor and Vice President for Information Systems. He called Jeff Schiller and headed over to E40. They were both interviewed and stated that there were 60,000 Internet hosts [footnote 14], along with an estimate of 10% infection rate for the 2,000 hosts at MIT. The infection rate was a pure guess, but seemed reasonable at the time. These numbers were to stick in a way we never anticipated. Some of the press reports were careful to explain the derivation of the numbers they quoted, including how one could extrapolate that as many as 6,000 computers were infected, but many reports were not that good and simply stated things like "at least 6,000 machines had been hit."

We were unable to show the TV crew anything "visual" caused by the virus, something which eventually became a common media request and disappointment. Instead they settled for people looking at workstations talking "computer talk."

The virus was the lead story on the 11:00pm news and was mentioned on National Public Radio as well. We were quite surprised that the real world would pay so much attention. Sound bites were heard on the 2:00am CBS Radio News, and footage shot that evening was shown on the CBS morning news (but by that point we were too busy to watch).

After watching the story on the 11:00pm news we realized it was time to get serious about figuring out the detailed workings of the virus.
s 14 r 87 c -2 r 101 c 10 r (all) s 10 r (agreed) s 12 r (that) s 10 r (decompiling) s 9 r (was) s 1012 1572 p (the) s 11 r (route) s 9 r (to) s 10 r (take,) s 11 r (though) s 9 r (later) s 10 r (we) s 11 r (also) s 10 r (mounted) s 10 r (an) s 10 r (ef) s (fort) s 9 r (to) s 1012 1622 p (infect) s 12 r 97 c 12 r (specially) s 11 r (instrumented) s 11 r (machine) s 12 r (to) s 11 r (see) s 13 r (the) s 11 r (virus) s 11 r (in) s 1012 1672 p (operation.) s 24 r (As) s 14 r (Jerry) s 13 r (Saltzer) s 15 r (said) s 13 r (in) s 13 r 97 c 15 r (later) s 13 r (message) s 16 r (to) s 13 r (the) s 1012 1722 p (Project) s 12 r (Athena) s 12 r (staf) s (f,) s 11 r (we) s 12 r (undertook) s 11 r 97 c 12 r 96 c -2 r (`wizard-level) s 10 r (analy-) s 1012 1771 p (sis') s -2 r 39 c 10 r (by) s 11 r (going) s 10 r (over) s 11 r (the) s 11 r (virus) s 11 r 96 c -2 r (`with) s 9 r (microscope) s 11 r (and) s 12 r (tweez-) s 1012 1821 p (ers.') s -2 r 39 c t-bol.360 @sf 1012 1944 p (3.5) s 51 r (Friday:) s 25 r (\\Wher) s (e') s -2 r 115 c 18 r (Sigourney) s 18 r 87 c -2 r (eaver?") s t-bol.300 @sf 1012 2023 p (3.5.1) s 42 r (Decompiling) s 15 r (in) s 15 r (Earnest) s t-rom.300 @sf 1012 2102 p 84 c (im) s 10 r (Shepard) s 10 r (joined) s 9 r (the) s 11 r (group) s 9 r (in) s 10 r (E40,) s 11 r (just) s 9 r (before) s 11 r (midnight) s 1012 2152 p (on) s 14 r (Thursday) s -2 r 46 c 25 r 87 c -2 r 101 c 13 r (thought) s 12 r (we) s 15 r (saw) s 14 r (packets) s 15 r (going) s 13 r (to) s t-ita.300 @sf 13 r (ernie) s t-rom.300 @sf 1012 2202 p (and) s 12 r (replies) s 11 r (coming) s 11 r (back,) s 13 r (though) s 10 r (this) s 10 r (later) s 12 r (proved) s 11 r (to) s 11 r (be) s 11 r (an) s 1012 2252 p (illusion.) 
s 12 r 84 c (im) s 8 r (had) s 9 r (hundreds) s 9 r (of) s 8 r (megabytes) s 10 r (of) s 9 r (packet) s 10 r (headers) s 1012 2301 p (gathered) s 15 r (Thursday) s 15 r (morning) s 14 r (from) s 14 r 97 c 16 r (subnet) s 14 r (at) s 15 r (LCS) s 15 r (which) s 1012 2351 p (was) s 13 r (known) s 11 r (to) s 12 r (have) s 12 r (had) s 12 r (infected) s 12 r (machines) s 13 r (on) s 12 r (it.) s 18 r (Unfortu-) s 1012 2401 p (nately) s 9 r (the) s 9 r (data) s 10 r (was) s 10 r (sitting) s 7 r (on) s 8 r 97 c 10 r (machine) s 10 r (at) s 9 r (LCS,) s 10 r (which) s 9 r (was) s 1012 2451 p (still) s 12 r (of) s 102 c 12 r (the) s 13 r (network,) s 14 r (so) s 13 r 84 c (im) s 12 r (decided) s 14 r (to) s 13 r (go) s 13 r (back) s 13 r (and) s 14 r (look) s 1012 2501 p (through) s 11 r (his) s 13 r (data.) s 21 r 87 c -1 r (ithin) s 11 r (an) s 12 r (hour) s 12 r (or) s 13 r (two,) s 13 r 84 c (im) s 11 r (called) s 13 r (back) s 1012 2551 p (to) s 11 r (say) s 13 r (that) s 11 r (he) s 11 r (found) s 11 r (no) s 11 r (unusual) s 11 r (traf) s 174 c 99 c 11 r (to) s t-ita.300 @sf 11 r (ernie) s t-rom.300 @sf 12 r (at) s 12 r (all.) s 18 r (This) s 1012 2600 p (was) s 11 r (our) s 10 r 174 c (rst) s 10 r (good) s 9 r (con) s 174 c (rmation) s 9 r (that) s 10 r (the) s t-ita.300 @sf 10 r (ernie) s t-rom.300 @sf 10 r (packets) s 11 r (were) s 1012 2639 p 390 2 ru cmr6.300 @sf 1040 2667 p (14) s t-rom.240 @sf 1072 2678 p (This) s 12 r (was) s 11 r (based) s 10 r (on) s 11 r (Mark) s 10 r (Lottor) s 1 r 39 c -1 r 115 c 11 r (presentation) s 10 r (to) s 11 r (the) s 12 r (October) s 10 r (1988) s 1012 2717 p (meeting) s 8 r (of) s 8 r (the) s 8 r (Internet) s 7 r (Engineering) s 7 r 84 c -1 r (ask) s 6 r (Force.) 
s t-rom.300 @sf 955 2842 p 49 c -1 r 49 c @eop 12 @bop0 12 @bop1 t-rom.300 @sf -36 96 p 97 c 14 r (red-herring) s 12 r (or) s 14 r (at) s 14 r (least) s 14 r (that) s 13 r (they) s 14 r (didn') s 116 c 11 r (actually) s 14 r (wind) s 13 r (up) s -36 146 p (being) s 8 r (sent.) s 4 196 p (Serious) s 9 r (decompiling) s 8 r (began) s 10 r (after) s 9 r (midnight.) s 12 r (Stan) s 9 r (and) s 10 r 84 c -2 r (ed) s -36 246 p (soon) s 11 r (left) s 12 r (the) s 12 r (SIPB) s 12 r (of) s 174 c (ce) s 13 r (and) s 13 r (joined) s 11 r (the) s 13 r (group) s 11 r (working) s 11 r (in) s -36 295 p (E40,) s 16 r (bringing) s 13 r (with) s 14 r (them) s 16 r (the) s 15 r (decoding) s 15 r (of) s 15 r (the) s 15 r (strings) s 15 r (and) s -36 345 p (much) s 11 r (of) s 11 r (the) s 12 r (decompiled) s 11 r (main) s 12 r (module) s 12 r (for) s 11 r (the) s 12 r (virus.) s 18 r (Mark) s -36 395 p (Eichin,) s 8 r (who) s 9 r (had) s 9 r (recently) s 9 r (spent) s 9 r 97 c 9 r (lot) s 8 r (of) s 9 r (time) s 9 r (disassembling-) s -36 445 p (assembling) s 9 r (some) s 12 r (ROMs) s 11 r (and) s 11 r (thus) s 11 r (had) s 11 r (recent) s 12 r (experience) s 12 r (at) s -36 495 p (reverse) s 12 r (engineering) s 12 r (binaries,) s 13 r (took) s 11 r (the) s 13 r (lead) s 13 r (in) s 12 r (dividin) s -1 r 103 c 11 r (the) s -36 544 p (proj) s -1 r (ect) s 9 r (up) s 9 r (and) s 10 r (assigning) s 8 r (parts) s 10 r (to) s 9 r (people.) s 14 r (He) s 10 r (had) s 10 r (also) s 10 r (woke) s -36 594 p (up) s 8 r (in) s 9 r (late) s 10 r (afternoon) s 9 r (and) s 9 r (was) s 11 r (the) s 9 r (most) s 10 r (prepared) s 10 r (for) s 9 r (the) s 10 r (long) s -36 644 p (nigh) s -1 r 116 c 8 r (ahead.) s 4 694 p (At) s 13 r (1:55am) s 13 r (Mark) s 14 r (discovered) s 13 r (the) s 13 r 174 c (rst) s 13 r (of) s 14 r (the) s 13 r (bugs) s 13 r (in) s 13 r (the) s -36 744 p (viru) s -1 r (s.) 
s 17 r 65 c t-ita.300 @sf 11 r (bzer) s -1 r 111 c t-rom.300 @sf 12 r (call) s 11 r (in) s t-ita.300 @sf 11 r (if) s 2 r 13 2 ru 12 r (init) s t-rom.300 @sf 10 r (was) s 13 r (botched.) s 17 r (At) s 11 r (2:04am) s 12 r (Stan) s -36 793 p (had) s 8 r 97 c 10 r (version) s 9 r (of) s 9 r (the) s 10 r (main) s 10 r (module) s 9 r (that) s 9 r (compiled.) s 13 r 87 c -2 r 101 c 9 r (called) s -36 843 p (Keith) s 7 r (Bostic) s 8 r (at) s 9 r (Berkeley) s 9 r (at) s 10 r (2:20am) s 8 r (and) s 9 r (arranged) s 10 r (to) s 8 r (do) s 9 r (FTP) s -36 893 p (exchanges) s 9 r (of) s 8 r (source) s 10 r (code) s 9 r (on) s 9 r (an) s 10 r (MIT) s 9 r (machine) s 10 r (\(both) s 8 r (Berke-) s -36 943 p (ley) s 12 r (and) s 13 r (MIT) s 14 r (had) s 13 r (never) s 14 r (cut) s 13 r (their) s 13 r (outside) s 13 r (network) s 12 r (connec-) s -36 993 p (tio) s -1 r (ns\).) s 17 r (Unfortunately) s -3 r 44 c 10 r (Keith) s 12 r (was) s 12 r (unable) s 11 r (to) s 12 r (get) s 11 r (the) s 12 r (hackers) s -36 1043 p (at) s 10 r (Berkeley) s 12 r (to) s 11 r (take) s 12 r 97 c 12 r (break) s 12 r (and) s 12 r (batch) s 11 r (up) s 12 r (their) s 11 r (work,) s 11 r (so) s 12 r (no) s -36 1092 p (exchange) s 10 r (happened) s 10 r (at) s 10 r (that) s 10 r (time.) s 4 1142 p (At) s 12 r (2:45am) s 11 r (Mark) s 12 r (started) s 12 r (working) s 10 r (on) s t-ita.300 @sf 12 r (checkother) s cmr7.300 @sf 804 1128 p (15) s t-rom.300 @sf 852 1142 p (since) s -36 1192 p (the) s 14 r (Berkeley) s 16 r (folks) s 15 r (were) s 16 r (puzzled) s 16 r (by) s 16 r (it.) s 30 r (Jon) s 15 r (Rochlis) s 15 r (was) s -36 1242 p (worki) s -1 r (ng) s 11 r (on) s 13 r (the) s 13 r (later) s t-ita.300 @sf 13 r (cracksome) s t-rom.300 @sf 14 r (routines.) 
s 22 r (By) s 12 r (3:06am) s 13 r 84 c -2 r (ed) s -36 1292 p (had) s 12 r 174 c (gured) s 13 r (out) s 13 r (that) s t-ita.300 @sf 13 r (ha) s t-rom.300 @sf 13 r (built) s 12 r 97 c 14 r (table) s 13 r (of) s 14 r (tar) s (get) s 12 r (hosts) s 13 r (which) s -36 1341 p (had) s 7 r (telnet) s 8 r (listeners) s 9 r (running.) s 12 r (By) s 8 r (3:17am) s 8 r 84 c -2 r (ed) s 9 r (and) s 9 r (Hal) s 8 r (Birke-) s -36 1391 p (land) s 7 r (from) s 8 r (the) s 9 r (Media) s 8 r (Lab) s 10 r (had) s 8 r (determined) s 9 r (that) s 8 r (the) s t-ita.300 @sf 8 r (crypt) s t-rom.300 @sf 9 r (rou-) s -36 1441 p (tin) s -1 r 101 c 12 r (was) s 14 r (the) s 13 r (same) s 15 r (as) s 14 r (one) s 14 r (found) s 12 r (in) s 13 r (the) s 13 r 67 c 13 r (library) s -2 r 46 c 22 r (Nobody) s -36 1491 p (had) s 11 r (yet) s 13 r (of) s (fered) s 11 r 97 c 14 r (reason) s 13 r (why) s 12 r (it) s 12 r (was) s 13 r (included) s 12 r (in) s 12 r (the) s 12 r (virus,) s -36 1541 p (rather) s 11 r (than) s 13 r (being) s 13 r (picked) s 12 r (up) s 13 r (at) s 13 r (link) s 12 r (time) s cmr7.300 @sf 636 1527 p (16) s t-rom.300 @sf 671 1541 p 46 c 23 r (Mark) s 13 r (had) s 13 r 174 c (n-) s -36 1590 p (ished) s t-ita.300 @sf 10 r (checkother) s t-rom.300 @sf 12 r (and) s 11 r 84 c -2 r (ed) s 11 r (had) s 12 r 174 c (nished) s t-ita.300 @sf 11 r (permute) s t-rom.300 @sf 11 r (at) s 12 r (3:28am.) s -36 1640 p 87 c -2 r 101 c 8 r (worked) s 10 r (on) s 10 r (other) s 10 r (routines) s 9 r (throughou) s -1 r 116 c 8 r (the) s 10 r (morning.) s t-bol.300 @sf -36 1750 p (3.5.2) s 40 r (Observations) s 16 r (fr) s (om) s 15 r (Running) s 15 r (the) s 17 r 86 c -1 r (irus) s t-rom.300 @sf -36 1828 p (The) s 8 r 174 c (rst) s 8 r (method) s 8 r (of) s 8 r (understanding) s 7 r (the) s 9 r (virus) s 7 r (was) s 10 r (the) s 8 r (decom-) s -36 1878 p (pil) s -1 r (ation) s 5 r (ef) s (fort.) 
s 12 r 65 c 7 r (second) s 8 r (method) s 7 r (was) s 9 r (to) s 6 r (watch) s 8 r (the) s 8 r (virus) s 6 r (as) s 8 r (it) s -36 1927 p (ran,) s 8 r (in) s 9 r (an) s 9 r (attempt) s 9 r (to) s 9 r (characterize) s 11 r (what) s 9 r (it) s 8 r (was) s 10 r (doing) s 8 r 177 c 9 r (this) s 8 r (is) s -36 1977 p (akin) s 6 r (to) s 8 r (looking) s 6 r (at) s 8 r (the) s 8 r (symptoms) s 8 r (of) s 8 r 97 c 9 r (biological) s 7 r (virus,) s 8 r (rather) s -36 2027 p (than) s 8 r (analyzing) s 10 r (the) s 10 r (DNA) s 11 r (of) s 9 r (the) s 11 r (virus.) s 4 2077 p 87 c -2 r 101 c 10 r (wanted) s 11 r (to) s 10 r (do) s 10 r (several) s 12 r (things) s 9 r (to) s 10 r (prepare) s 12 r (for) s 10 r (observing) s -36 2127 p (the) s 9 r (virus:) s cmsy10.300 @sf 4 2215 p 15 c t-rom.300 @sf 21 r (Monitori) s -1 r (ng.) s 12 r 87 c -2 r 101 c 9 r (wanted) s 11 r (to) s 9 r (set) s 11 r (up) s 10 r 97 c 10 r (machine) s 11 r (with) s 9 r (spe-) s 46 2265 p (cial) s 10 r (logging,) s 8 r (mostly) s 10 r (including) s 8 r (packet) s 11 r (monitors.) s cmsy10.300 @sf 4 2347 p 15 c t-rom.300 @sf 21 r (Pointers.) s 30 r 87 c -2 r 101 c 15 r (wanted) s 16 r (to) s 16 r 96 c -2 r (`prime') s -3 r 39 c 14 r (the) s 16 r (machine) s 17 r (with) s 46 2397 p (pointers) s 8 r (to) s 8 r (other) s 9 r (machines) s 10 r (so) s 10 r (we) s 10 r (could) s 8 r (watch) s 10 r (how) s 9 r (the) s 46 2447 p (virus) s 12 r (would) s 13 r (attack) s 13 r (its) s 13 r (tar) s (gets.) s 23 r (By) s 13 r (placing) s 13 r (the) s 13 r (names) s -36 2482 p 390 2 ru cmr6.300 @sf -9 2509 p (15) s t-rom.240 @sf 22 2520 p (This) s 9 r (and) s 7 r (all) s 9 r (the) s 8 r (other) s 8 r (routines) s 8 r (mentioned) s 7 r (here) s 7 r (are) s 8 r (described) s 7 r (in) s 9 r (detail) s -36 2559 p (in) s 10 r (Appendix) s 9 r (A.) 
s 20 r (The) s 11 r (routines) s 10 r (mentioned) s 10 r (here) s 10 r (are) s 11 r (not) s 11 r (intended) s 9 r (to) s 12 r (be) s 10 r (an) s -36 2599 p (exh) s -1 r (austive) s 6 r (list) s 9 r (of) s 8 r (the) s 8 r (routines) s 7 r (we) s 8 r (worked) s 7 r (on.) s cmr6.300 @sf -9 2627 p (16) s t-rom.240 @sf 22 2638 p (It) s 9 r (turned) s 7 r (out) s 7 r (that) s 8 r (we) s 8 r (were) s 7 r (wrong) s 7 r (and) s 7 r (the) s 8 r (version) s 7 r (of) s t-ita.240 @sf 7 r (crypt) s t-rom.240 @sf 8 r (was) s t-ita.240 @sf 7 r (not) s t-rom.240 @sf 8 r (the) s -36 2678 p (same) s 7 r (as) s 8 r (library) s 9 r (version[) s 57 c -2 r (].) s 14 r (Not) s 9 r (everything) s 7 r (you) s 8 r (do) s 8 r (at) s 9 r (3:00am) s 8 r (turns) s 8 r (out) s 9 r (to) s -36 2717 p (be) s 6 r (right.) s t-rom.300 @sf 1095 96 p (of) s 10 r (the) s 11 r (tar) s (get) s 9 r (machines) s 11 r (in) s 10 r (many) s 10 r (dif) s (ferent) s 9 r (places) s 11 r (on) s 10 r (the) s 1095 146 p 96 c -2 r (`host') s -3 r 39 c 7 r (computer) s 10 r (we) s 10 r (could) s 9 r (also) s 9 r (see) s 11 r (how) s 9 r (the) s 9 r (virus) s 9 r (cre-) s 1095 196 p (ated) s 11 r (its) s 10 r (lists) s 9 r (of) s 10 r (tar) s (gets.) s cmsy10.300 @sf 1054 282 p 15 c t-rom.300 @sf 20 r (Isolation.) s 28 r 87 c -2 r 101 c 15 r (considered) s 15 r (isolating) s 13 r (the) s 15 r (machines) s 16 r (in-) s 1095 332 p (volved) s 12 r (from) s 11 r (the) s 12 r (network) s 12 r (totally) s 10 r (\(for) s 11 r (paranoia') s -1 r 115 c 11 r (sake\)) s 1095 382 p (or) s 14 r (by) s 13 r 97 c 14 r (link-layer) s 13 r (bridge) s 12 r (to) s 14 r (cut) s 13 r (down) s 13 r (on) s 13 r (the) s 14 r (amount) s 1095 432 p (of) s 10 r (extraneous) s 10 r (traf) s 174 c 99 c 9 r (monitored.) 
s 13 r 84 c (rue) s 8 r (isolation) s 8 r (proved) s 1095 482 p (more) s 16 r (than) s 14 r (we) s 15 r (were) s 16 r (willing) s 12 r (to) s 14 r (deal) s 15 r (with) s 14 r (at) s 15 r (the) s 14 r (time,) s 1095 531 p (since) s 13 r (all) s 12 r (of) s 12 r (our) s 12 r (UNIX) s 12 r (workstations) s 10 r (assume) s 14 r (access) s 14 r (to) s 1095 581 p (many) s 15 r (network) s 13 r (services) s 15 r (such) s 14 r (as) s 15 r (nameservers) s 15 r (and) s 14 r 174 c (le) s 1095 631 p (servers.) s 31 r 87 c -2 r 101 c 14 r (didn') s 116 c 13 r (want) s 15 r (to) s 15 r (take) s 16 r (the) s 15 r (time) s 15 r (to) s 15 r (build) s 14 r 97 c 1095 681 p (functional) s 9 r (standalone) s 10 r (system,) s 10 r (though) s 9 r (that) s 9 r (would) s 9 r (have) s 1095 731 p (been) s 17 r (feasible) s 16 r (if) s 15 r (we) s 16 r (had) s 16 r (judged) s 15 r (the) s 15 r (risk) s 15 r (of) s 16 r (infecting) s 1095 780 p (other) s 10 r (machines) s 11 r (too) s 10 r (great.) s 1054 875 p (Mike) s 17 r (Muuss) s 16 r (reported) s 17 r (that) s 16 r (the) s 16 r (BRL) s 17 r (group) s 16 r (focused) s 17 r (on) s 1012 925 p (monitoring) s 7 r (the) s 8 r (virus) s 7 r (in) s 8 r (action.) 
s 13 r (They) s 9 r (prepared) s 9 r 97 c 9 r (special) s 9 r (log-) s 1012 975 p (ging) s 13 r (kernel,) s 14 r (but) s 13 r (even) s 14 r (in) s 13 r (coordination) s 11 r (with) s 12 r (Berkeley) s 14 r (were) s 1012 1025 p (unable) s 11 r (to) s 9 r (re-infect) s 10 r (the) s 10 r (machine) s 11 r (in) s 10 r (question) s 9 r (until) s 9 r (Saturday) s -2 r 46 c 1054 1075 p (By) s 12 r (1:00am) s 12 r (Friday) s 13 r (we) s 13 r (had) s 12 r (set) s 13 r (up) s 13 r (the) s 12 r (monitoring) s 10 r (equip-) s 1012 1125 p (ment) s 9 r (\(an) s 9 r (IBM) s 8 r (PC) s 9 r (running) s 6 r 97 c 10 r (packet) s 9 r (monitor\)) s 7 r (and) s 8 r (two) s 8 r (work-) s 1012 1175 p (stations) s 8 r (\(one) s 9 r (acting) s 9 r (as) s 10 r (the) s 8 r (tar) s (get,) s 9 r (the) s 9 r (other) s 8 r (running) s 8 r 97 c 9 r (packet) s 1012 1225 p (monitoring) s 10 r (program) s 13 r (and) s 12 r (saving) s 12 r (the) s 12 r (packet) s 13 r (traces) s 13 r (to) s 12 r (disk\),) s 1012 1275 p (all) s 14 r (separated) s 14 r (from) s 13 r (the) s 13 r (network) s 13 r (by) s 13 r 97 c 14 r (link-layer) s 12 r (bridge) s 13 r (and) s 1012 1324 p (had) s 10 r (dubbed) s 9 r (the) s 9 r (whole) s 9 r (setup) s 9 r (the) s 10 r 96 c -2 r (`vir) s -1 r (us) s 8 r (net') s -2 r ('.) s 12 r 87 c -2 r (e,) s 10 r (too,) s 9 r (were) s 1012 1374 p (unsuccessful) s 15 r (in) s 14 r (our) s 14 r (attempt) s 14 r (to) s 14 r (get) s 15 r (our) s 14 r (tar) s (get) s 13 r (machine) s 15 r (in-) s 1012 1424 p (fected) s 13 r (until) s 9 r (we) s 13 r (had) s 11 r (enough) s 11 r (of) s 11 r (the) s 12 r (virus) s 11 r (decompiled) s 11 r (to) s 11 r (un-) s 1012 1474 p (derstand) s 11 r (what) s 11 r (ar) s (guments) s 10 r (it) s 10 r (wanted.) 
s 17 r (By) s 10 r (3:40am) s 11 r (John) s 10 r (Kohl) s 1012 1524 p (had) s 13 r (the) s 12 r (virus) s 12 r (running) s 11 r (on) s 12 r (our) s 12 r ("virus) s 11 r (net") s 13 r (and) s 12 r (we) s 13 r (learned) s 13 r 97 c 1012 1573 p (lot) s 12 r (by) s 11 r (watching) s 12 r (what) s 12 r (it) s 11 r (did.) s 19 r (The) s 13 r (virus) s 11 r (was) s 13 r (soon) s 12 r (observed) s 1012 1623 p (trying) s 8 r (telnet,) s 9 r (SMTP) s -4 r 44 c 10 r (and) s 9 r 174 c (nger) s 10 r (connections) s 8 r (to) s 9 r (all) s 9 r (gateways) s 1012 1673 p (listed) s 9 r (in) s 9 r (the) s 9 r (routing) s 7 r (table.) s 14 r (Later) s 10 r (it) s 8 r (was) s 10 r (seen) s 11 r (trying) s c-med.300 @sf 7 r (rsh) s t-rom.300 @sf 10 r (and) s c-med.300 @sf 1012 1723 p (rexec) s t-rom.300 @sf 10 r (into) s 9 r (one) s 11 r (of) s 10 r (the) s 10 r (gateways.) s 1054 1774 p (At) s 10 r (4:22am,) s 11 r (upon) s 10 r (hearing) s 10 r (of) s 10 r (the) s 10 r (virus) s 10 r (going) s 9 r (after) s 11 r (yet) s 10 r (an-) s 1012 1823 p (other) s 8 r (host) s 8 r (in) s 8 r 97 c 9 r 96 c -2 r (`new') s -2 r 39 c 6 r (manner) s -1 r 44 c 10 r (Jon) s 8 r (Rochlis) s 8 r (remarked) s 9 r 96 c -2 r (`This) s 1012 1873 p (really) s 13 r (feels) s 14 r (like) s 12 r (the) s 13 r (movie) s t-ita.300 @sf 13 r (Aliens) s t-rom.300 @sf 46 c 22 r (So) s 13 r (where) s 14 r (is) s 13 r (Sigourney) s 1012 1923 p 87 c -2 r (eaver?') s -2 r 39 c 25 r (Seeing) s 14 r (the) s 14 r (virus) s 13 r (reach) s 16 r (out) s 13 r (to) s 13 r (infect) s 14 r (other) s 14 r (ma-) s 1012 1973 p (chines) s 11 r (seemed) s 12 r (quite) s 9 r (scary) s 11 r (and) s 10 r (beyond) s 10 r (our) s 10 r (control.) s 1054 2024 p (At) s 8 r (5:45am) s 8 r (we) s 10 r (called) s 8 r (the) s 9 r (folks) s 8 r (at) s 8 r (Berkeley) s 9 r (and) s 9 r 174 c (nally) s 7 r (ex-) s 1012 2073 p (changed) s 10 r (code.) 
s 15 r 65 c 9 r (number) s 10 r (of) s 9 r (people) s 9 r (in) s 9 r (Berkeley) s 10 r (had) s 9 r (punted) s 1012 2123 p (to) s 13 r (get) s 13 r (some) s 14 r (sleep,) s 15 r (and) s 13 r (we) s 14 r (had) s 13 r 97 c 13 r (bit) s 13 r (of) s 12 r (dif) s 174 c (culty) s 11 r (convinc-) s 1012 2173 p (ing) s 10 r (the) s 10 r (person) s 10 r (who) s 10 r (answered) s 11 r (Keith) s 10 r (Bostic') s -1 r 115 c 8 r (phone) s 10 r (that) s 10 r (we) s 1012 2223 p (weren') s 116 c 14 r (the) s 14 r (bad) s 14 r (guy) s 14 r (trying) s 12 r (to) s 14 r (fool) s 13 r (them.) s 26 r 87 c -2 r 101 c 13 r (gave) s 15 r (him) s 14 r 97 c 1012 2273 p (number) s 8 r (at) s 8 r (MIT) s 7 r (that) s 7 r (showed) s 8 r (up) s 7 r (in) s 7 r (the) s 7 r (NIC') s -1 r 115 c 6 r (whois) s 7 r (database,) s 1012 2322 p (but) s 10 r (he) s 10 r (never) s 11 r (bothered) s 10 r (to) s 9 r (call) s 11 r (back.) s 1054 2373 p (At) s 14 r (this) s 12 r (point) s 13 r 97 c 14 r (bunch) s 14 r (of) s 13 r (us) s 14 r (went) s 14 r (out) s 13 r (and) s 14 r (brought) s 12 r (back) s 1012 2423 p (some) s 11 r (breakfast.) s t-bol.300 @sf 1012 2538 p (3.5.3) s 42 r (The) s 16 r (Media) s 16 r (Really) s 15 r (Arrives) s t-rom.300 @sf 1012 2617 p 87 c -2 r 101 c 13 r (had) s 13 r (been) s 14 r (very) s 13 r (fortunate) s 12 r (that) s 12 r (the) s 13 r (press) s 14 r (did) s 12 r (not) s 12 r (distract) s 1012 2667 p (us,) s 12 r (and) s 11 r (that) s 10 r (we) s 12 r (were) s 11 r (thus) s 11 r (able) s 11 r (to) s 10 r (put) s 10 r (most) s 11 r (of) s 11 r (our) s 10 r (time) s 11 r (into) s 1012 2717 p (our) s 12 r (decompilation) s 10 r (and) s 12 r (analysis) s 11 r (ef) s (forts.) 
s 17 r (Jim) s 12 r (Bruce) s 12 r (and) s 12 r (the) s 954 2842 p (12) s @eop 13 @bop0 13 @bop1 t-rom.300 @sf -36 96 p (MIT) s 11 r (News) s 13 r (Of) s 174 c (ce) s 13 r (did) s 12 r 97 c 13 r 174 c (rst) s 12 r (rate) s 13 r (job) s 11 r (of) s 13 r (dealing) s 11 r (with) s 12 r (most) s -36 146 p (of) s 9 r (the) s 11 r (press) s 11 r (onslaught.) s 15 r (By) s 11 r (early) s 11 r (morning) s 9 r (Friday) s 11 r (there) s 11 r (was) s -36 196 p (so) s 13 r (much) s 16 r (media) s 15 r (interest) s 14 r (that) s 15 r (MIT) s 15 r (News) s 15 r (Of) s 174 c (ce) s 15 r (scheduled) s -36 246 p 97 c 14 r (press) s 13 r (conference) s 15 r (for) s 13 r (noon) s 13 r (in) s 13 r (the) s 14 r (Project) s 13 r (Athena) s 14 r 86 c -1 r (isi) s -1 r (tor) s -36 295 p (Center) s 9 r (in) s 9 r (E40.) s 4 351 p (Just) s 12 r (before) s 12 r (the) s 12 r (press) s 13 r (conference,) s 14 r (we) s 13 r (briefed) s 12 r (Jim) s 12 r (on) s 12 r (our) s -36 401 p 174 c (ndin) s -1 r (gs) s 16 r (and) s 18 r (what) s 18 r (we) s 18 r (thought) s 16 r (was) s 18 r (important:) s 27 r (the) s 17 r (virus) s -36 451 p (didn) s -1 r 39 c -1 r 116 c 13 r (destroy) s 15 r (or) s 15 r (even) s 15 r (try) s 15 r (to) s 14 r (destroy) s 15 r (any) s 15 r (data;) s 18 r (it) s 14 r (did) s 14 r (not) s -36 501 p (appear) s 12 r (to) s 12 r (be) s 12 r (an) s 13 r 96 c -2 r (`accident;') s -3 r 39 c 12 r (we) s 13 r (understood) s 11 r (enough) s 12 r (of) s 12 r (the) s -36 551 p (viru) s -1 r 115 c 10 r (to) s 12 r (speak) s 12 r (with) s 11 r (authority;) s 10 r (many) s 12 r (people) s 12 r (\(especially) s 12 r (the) s -36 600 p (people) s 12 r (we) s 14 r (had) s 14 r (talked) s 13 r (to) s 13 r (at) s 14 r (Berkeley\)) s 14 r (had) s 13 r (helped) s 14 r (to) s 13 r (solve) s -36 650 p (thi) s -1 r (s.) 
s 4 706 p 87 c -2 r 101 c 15 r (were) s 16 r (amazed) s 17 r (at) s 15 r (the) s 15 r (size) s 16 r (of) s 15 r (the) s 15 r (press) s 15 r (conference) s 17 r 177 c -36 756 p (there) s 6 r (were) s 9 r (approximately) s 6 r (ten) s 8 r (TV) s 8 r (camera) s 9 r (crews) s 9 r (and) s 8 r (twenty-) s -36 806 p 174 c (ve) s 13 r (reporters.) s 26 r (Jef) s 102 c 14 r (Schiller) s 14 r (spent) s 14 r 97 c 15 r (good) s 14 r (amount) s 14 r (of) s 14 r (time) s -36 856 p (talki) s -1 r (ng) s 6 r (to) s 7 r (reporters) s 7 r (before) s 8 r (the) s 8 r (conference) s 8 r (proper) s 8 r (began,) s 9 r (and) s -36 905 p (many) s 10 r (got) s 10 r (shots) s 10 r (of) s 11 r (Jef) s 102 c 11 r (pointi) s -1 r (ng) s 9 r (at) s 11 r (the) s 11 r (letters) s 10 r 96 c -2 r (`\(sh\)') s -3 r 39 c 9 r (on) s 11 r (the) s -36 955 p (outp) s -1 r (ut) s 8 r (of) s 10 r 97 c c-med.300 @sf 11 r (ps) s t-rom.300 @sf 10 r (command.) s 15 r (Jim) s 10 r (and) s 11 r (Jef) s 102 c 10 r (answered) s 11 r (questions) s -36 1005 p (as) s 12 r (the) s 13 r (decompiling) s 11 r (crew) s 14 r (watched) s 13 r (from) s 13 r 97 c 14 r (vantage) s 13 r (point) s 11 r (in) s -36 1055 p (the) s 6 r (back) s 8 r (of) s 8 r (the) s 7 r (room.) s 13 r (At) s 7 r (one) s 8 r (point) s 6 r 97 c 8 r (reporter) s 7 r (asked) s 9 r (Jef) s 102 c 7 r (how) s -36 1105 p (many) s 11 r (people) s 12 r (had) s 13 r (enough) s 12 r (knowledge) s 11 r (to) s 12 r (write) s 12 r (such) s 13 r 97 c 12 r (virus) s -36 1154 p (and) s 8 r (in) s 9 r (particular) s -1 r 44 c 8 r (if) s 9 r (Jef) s 102 c 9 r (could) s 8 r (have) s 10 r (written) s 8 r (such) s 10 r 97 c 9 r (program.) s -36 1204 p (The) s 10 r (answer) s 11 r (was) s 11 r (of) s 10 r (course) s 10 r (many) s 11 r (people) s 10 r (could) s 10 r (have) s 11 r (written) s -36 1254 p (it) s 8 r (and) s 9 r (yes,) s 11 r (Jef) s 102 c 9 r (was) s 10 r (one) s 10 r (of) s 9 r (them.) 
s 14 r (The) s 10 r (obvious) s 9 r (question) s 8 r (was) s -36 1304 p (then) s 8 r (asked:) s 15 r 96 c -2 r (`Where) s 9 r (were) s 11 r (you) s 10 r (on) s 10 r 87 c -2 r (ednesday) s 10 r (night,) s 9 r (Jef) s (f?') s -2 r 39 c -36 1354 p (This) s 10 r (was) s 12 r (received) s 13 r (with) s 10 r 97 c 12 r (great) s 12 r (deal) s 12 r (of) s 11 r (laughter) s -1 r 46 c 16 r (But) s 11 r (when) s -36 1403 p 97 c 12 r (reporter) s 10 r (stated) s 11 r (that) s 11 r (sources) s 13 r (at) s 11 r (the) s 12 r (Pentagon) s 11 r (had) s 12 r (said) s 11 r (that) s -36 1453 p (the) s 9 r (instigator) s 8 r (of) s 11 r (the) s 10 r (virus) s 10 r (had) s 10 r (come) s 12 r (forward) s 10 r (and) s 11 r (was) s 11 r 97 c 11 r (BU) s -36 1503 p (or) s 8 r (MIT) s 9 r (graduate) s 10 r (student,) s 9 r (we) s 10 r (all) s 9 r (gasped) s 10 r (and) s 9 r (hoped) s 9 r (it) s 9 r (hadn') s 116 c -36 1553 p (really) s 8 r (been) s 11 r (one) s 10 r (of) s 10 r (our) s 10 r (students.) s 4 1609 p (After) s 7 r (the) s 8 r (conference) s 8 r (the) s 8 r (press) s 8 r 174 c (lmed) s 7 r (many) s 8 r (of) s 8 r (us) s 7 r (working) s -36 1659 p (\(or) s 12 r (pretending) s 13 r (to) s 14 r (work\)) s 14 r (in) s 14 r (front) s 13 r (of) s 14 r (computers,) s 16 r (as) s 15 r (well) s 14 r (as) s -36 1709 p (short) s 8 r (interviews.) s 4 1764 p (The) s 10 r (media) s 10 r (was) s 10 r (uniformly) s 7 r (disappointed) s 8 r (that) s 9 r (the) s 9 r (virus) s 8 r (did) s -36 1814 p (noth) s -1 r (ing) s 9 r (even) s 12 r (remotely) s 11 r (visual.) 
s 16 r (Several) s 12 r (also) s 12 r (seemed) s 13 r (pained) s -36 1864 p (that) s 16 r (we) s 18 r (weren') s 116 c 17 r (moments) s 18 r (away) s 18 r (from) s 18 r 87 c -2 r (orld) s 15 r 87 c -2 r (ar) s 17 r (III,) s 18 r (or) s -36 1914 p (that) s 11 r (there) s 14 r (weren') s 116 c 13 r (lar) s (ge) s 13 r (numbers) s 13 r (of) s 14 r (companies) s 14 r (and) s 14 r (banks) s -36 1964 p (hooked) s 10 r (up) s 12 r (to) s 12 r 96 c -2 r (`MIT') s -2 r 115 c 11 r (network') s -2 r 39 c 10 r (who) s 12 r (were) s 14 r (going) s 11 r (to) s 12 r (be) s 12 r (re-) s -36 2014 p (ally) s 7 r (upset) s 9 r (when) s 9 r (Monday) s 8 r (rolled) s 8 r (around.) s 13 r (But) s 8 r (the) s 9 r (vast) s 9 r (major-) s -36 2063 p (ity) s 8 r (of) s 11 r (the) s 10 r (press) s 11 r (seemed) s 13 r (to) s 10 r (be) s 11 r (asking) s 10 r (honest) s 10 r (questions) s 10 r (in) s 10 r (an) s -36 2113 p (attempt) s 8 r (to) s 9 r (grapple) s 9 r (with) s 9 r (the) s 9 r (unfamiliar) s 9 r (concepts) s 10 r (of) s 9 r (comput-) s -36 2163 p (ers) s 9 r (and) s 10 r (networks.) s 13 r (At) s 10 r (the) s 10 r (NCSC) s 9 r (meeting) s 10 r (Mike) s 9 r (Muuss) s 10 r (said,) s -36 2213 p 96 c -2 r (`M) s -1 r 121 c 11 r (greatest) s 13 r (fear) s 14 r (was) s 14 r (that) s 13 r (of) s 12 r (seeing) s 14 r 97 c t-ita.300 @sf 14 r (Nationa) s -1 r 108 c 11 r (Enquir) s -1 r (er) s t-rom.300 @sf -36 2263 p (headline:) s 11 r (Computer) s 9 r 86 c -1 r (irus) s 7 r (Escapes) s 12 r (to) s 9 r (Humans,) s 11 r (96) s 9 r (Killed.') s -2 r 39 c -36 2312 p 87 c -2 r 101 c 8 r (were) s 11 r (lucky) s 10 r (that) s 9 r (didn') s 116 c 8 r (happen.) 
s 4 2368 p (Perhaps) s 10 r (the) s 9 r (funniest) s 8 r (thing) s 8 r (done) s 9 r (by) s 9 r (the) s 9 r (press) s 10 r (was) s 10 r (the) s 9 r (pic-) s -36 2418 p (ture) s 12 r (of) s 13 r (the) s 14 r (virus) s 13 r (code) s 14 r (printed) s 12 r (in) s 13 r (Saturday') s -1 r 115 c 12 r (edition) s 12 r (of) s 14 r (the) s t-ita.300 @sf -36 2468 p (Boston) s 13 r (Herald) s t-rom.300 @sf 91 c (21) s -1 r (].) s 29 r (Jon) s 15 r (Kamens) s 16 r (of) s 15 r (MIT) s 16 r (Project) s 15 r (Athena) s -36 2518 p (had) s 15 r (made) s 17 r 97 c 16 r (window) s 15 r (dump) s 16 r (of) s 15 r (the) s 16 r (assembly) s 17 r (code) s 16 r (for) s 16 r (the) s -36 2568 p (start) s 10 r (of) s 12 r (the) s 11 r (virus) s 12 r (\(along) s 11 r (with) s 11 r (corresponding) s 10 r (decompiled) s 12 r 67 c -36 2617 p (code\),) s 14 r (even) s 15 r (including) s 12 r (the) s 14 r (window) s 13 r (dump) s 14 r (command) s 15 r (itself.) s -36 2667 p (The) s 10 r (truly) s 9 r (amusing) s 11 r (thing) s 9 r (was) s 11 r (that) s 10 r (the) s t-ita.300 @sf 11 r (Herald) s t-rom.300 @sf 10 r (had) s 11 r (gotten) s 9 r (an) s -36 2717 p (artist) s 9 r (to) s 10 r (add) s 11 r (tractor) s 10 r (feed) s 12 r (holes) s 11 r (to) s 10 r (the) s 11 r (printout) s 8 r (in) s 11 r (an) s 11 r (attempt) s 1012 96 p (to) s 11 r (make) s 11 r (it) s 10 r (look) s 10 r (like) s 10 r (something) s 10 r (that) s 10 r 97 c 11 r (computer) s 10 r (might) s 10 r (have) s 1012 146 p (generated.) s 15 r 87 c -2 r (e're) s 9 r (sure) s 10 r (they) s 9 r (would) s 9 r (have) s 10 r (preferred) s 10 r 97 c 10 r (dot) s 9 r (ma-) s 1012 196 p (trix) s 10 r (printer) s 9 r (to) s 9 r (the) s 10 r (laser) s 11 r (printer) s 9 r (we) s 11 r (used.) 
s 1054 247 p (Keith) s 8 r (Bostic) s 8 r (called) s 8 r (in) s 8 r (the) s 9 r (middle) s 8 r (of) s 8 r (the) s 8 r (press) s 9 r (zoo,) s 9 r (but) s 8 r (we) s 1012 297 p (were) s 11 r (too) s 9 r (busy) s 9 r (dealing) s 9 r (with) s 8 r (the) s 10 r (press,) s 10 r (so) s 10 r (we) s 10 r (cut) s 9 r (the) s 10 r (conver-) s 1012 346 p (sation) s 12 r (short.) s 21 r (He) s 13 r (called) s 13 r (us) s 12 r (back) s 14 r (around) s 12 r (3:00pm) s 11 r (and) s 13 r (asked) s 1012 396 p (for) s 11 r (our) s 10 r (af) s 174 c (liations) s 9 r (for) s 11 r (his) s 10 r (next) s 11 r (posting) s cmr7.300 @sf 1652 382 p (17) s t-rom.300 @sf 1685 396 p 46 c 17 r (Keith) s 10 r (also) s 11 r (asked) s 1012 446 p (if) s 12 r (we) s 12 r (liked) s 11 r (the) s 11 r (idea) s 12 r (of) s 11 r (posting) s 10 r (bug) s 11 r 174 c (xes) s 13 r (to) s 11 r (the) s 11 r (virus) s 11 r (itself,) s 1012 496 p (and) s 14 r (we) s 13 r (instantly) s 11 r (agreed) s 14 r (with) s 12 r (glee.) s 23 r (Keith) s 12 r (made) s 14 r (his) s 13 r (fourth) s 1012 546 p (bug) s 10 r 174 c 120 c 11 r (posting) s 9 r (at) s 10 r (5:04pm,) s 10 r (this) s 10 r (time) s 10 r (with) s 10 r 174 c (xes) s 11 r (to) s 10 r (the) s 10 r (virus.) s 1012 595 p (Again) s 10 r (he) s 11 r (recommended) s 11 r (renaming) s t-ita.300 @sf 11 r (ld) s t-rom.300 @sf 44 c 10 r (the) s 10 r (UNIX) s 10 r (linker) s -2 r 46 c 1054 646 p (Things) s 12 r (began) s 12 r (to) s 12 r (wind) s 11 r (down) s 12 r (after) s 12 r (that,) s 12 r (though) s 11 r (the) s 12 r (press) s 1012 696 p (was) s 15 r (still) s 12 r (calling) s 13 r (and) s 14 r (we) s 15 r (managed) s 15 r (to) s 13 r (put) s 13 r (of) s 102 c 13 r (the) s 13 r (NBC) s t-ita.300 @sf 14 r 84 c -3 r (o-) s 1012 746 p (day) s t-rom.300 @sf 12 r (show) s 11 r (until) s 10 r (Saturday) s 11 r (afternoon.) 
Most of us got a good amount of sleep for the first time in several days.

3.6 Saturday: Source Code Policy

Saturday afternoon, 5 November 1988, the Today show came to the SIPB Office, which they
referred to as the "computer support club" (sic), to find a group of hackers. They
interviewed Mark Eichin and Jon Rochlis and used Mark's description of what hackers really
try to do on Monday morning's show.

After the Today show crew left, many of us caught up on our mail. It was then that we first
saw Andy Sudduth's Thursday morning posting to tcp-ip@sri-nic.arpa and Mike Patton stopped by
and pointed out how strange it was.

We soon found ourselves in the middle of a heated discussion on phage@purdue.edu regarding
distribution of the decompiled virus source code. Since we had received several private
requests for our work, we sat back and talked about what to do, and quickly reached
consensus. We agreed with most of the other groups around the country who had come to the
decision not to release the source code they had reverse engineered.
We felt strongly that the details of the inner workings of the virus should not be kept
hidden, but that actual source code was a different matter. We (and others) intended to write
about the algorithms used by the virus so that people would learn what the Internet community
was up against. This meant that somebody could use those algorithms to write a new virus; but
the knowledge required to do so is much greater than what is necessary to recompile the
source code with a new, destructive line or two in it.
The energy barrier for this is simply too low. The people on our team (not the MIT
administration) decided to keep our source private until things calmed down; then we would
consider to whom to distribute the program. A public posting of the MIT code was not going to
happen.

Jerry Saltzer, among others, has argued forcefully that the code itself should be publicly
released at some point in the future. After sites have had enough time to fix the holes with
vendor supplied bug fixes, we might do so.

[note 17] He almost got them right, except that he turned the Laboratory for Computer Science
into the Laboratory for Computer Services.

3.7 Tuesday: The NCSC Meeting

On Tuesday 8 November 1988 Mark Eichin and Jon Rochlis attended the Baltimore post-mortem
meeting hosted by the NCSC. We heard about the meeting indirectly at 2:00am and flew to
Baltimore at 7:00am. Figuring there was no time to waste with silly things like sleep, we
worked on drafts of this document. The meeting will be described in more detail by the NCSC,
but we will present a very brief summary here.

Attending the meeting were representatives of the National Institute of Science and
Technology (NIST), formerly the National Bureau of Standards, the Defense Communications
Agency (DCA), the Defense Advanced Research Projects Agency (DARPA), the Department of Energy
(DOE), the Ballistics Research Laboratory (BRL), the Lawrence Livermore National Laboratory
(LLNL), the Central Intelligence Agency (CIA), the University of California Berkeley (UCB),
the Massachusetts Institute of Technology (MIT), Harvard University, SRI International, the
Federal Bureau of Investigation (FBI), and of course the National Computer Security Center
(NCSC). This is not a complete list. The lack of any vendor participation was notable.

Three-quarters of the day was spent discussing what had happened from the different
perspectives of those attending. This included chronologies, actions taken, and an analysis
of the detailed workings of the virus. Meanwhile our very rough draft was duplicated and
handed out.

The remaining time was spent discussing what we learned from the attack and what should be
done to prepare for future attacks. This was much harder and it is not clear that feasible
solutions emerged, though there was much agreement on several motherhood and apple-pie
suggestions. By this we mean the recommendations sound good and by themselves are not
objectionable, but we doubt they will be effective.

3.8 Wednesday-Friday: The Purdue Incident

On Wednesday evening 9 November 1988, Rich Kulawiec of Purdue posted to phage@purdue.edu that
he was making available the unas disassembler that he (and others at Purdue) used to
disassemble the virus. He also made available the output of running the virus through this
program. Rumor spread and soon the NCSC called several people at Purdue, including Gene
Spafford, in an attempt to get this copy of the virus removed. Eventually the President of
Purdue was called and the file was deleted. The New York Times ran a heavily slanted story
about the incident on Friday 11 November 1988[22].

Several mistakes were made here.
First the NCSC was concerned about the wrong thing. The disassembled virus was not important
and was trivial for any infected site to generate. It simply was not anywhere near as
important as the decompiled virus, which could very easily have been compiled and run. When
the MIT group was indirectly informed about this and discovered exactly what was publicly
available, we wondered what the big deal was. Secondly, the NCSC acted in a strong-handed
manner that upset the people at Purdue who got pushed around.

Other similar incidents occurred around the same time.
Jean Diaz of the MIT SIPB forwarded a partially decompiled copy of the virus [note 18] to
phage@purdue.edu at some time on Friday 4 November 1988, but it spent several days in a mail
queue on hplabs.hp.com before surfacing. Thus it had been posted before any of the discussion
of source code release had occurred. It also was very incomplete and thus posed little danger
since the effort required to turn it into a working virus was akin to the effort required to
write the virus from scratch.

These two incidents, however, caused the press to think that a second outbreak of the virus
had once again brought the network to its knees.
Robert French, of the MIT SIPB and Project Athena, took one such call on Thursday 10 November
and informed the reporter that no such outbreak had occurred. Apparently rumors of source
code availability (the Purdue incident and Jean's posting) led to the erroneous conclusion
that enough information of some sort had been let out and damage had been done. Rumor control
was once again shown to be important.

4 Lessons and Open Issues

The virus incident taught many important lessons. It also brought up many more difficult
issues which need to be addressed in the future.

4.1 Lessons from the Community's Reactions

The chronology of events is interesting.
The manner in which the Internet community reacted to the virus attack points out areas of
concern or at least issues for future study.

[note 18] This was the work of Don Becker of Harris Corporation.

• Connectivity was important. Sites which disconnected from the network at the first sign of
  trouble hurt themselves and the community. Not only could they not report their experiences
  and findings, but they couldn't get timely bug fixes. Furthermore, other sites using them as
  mail relays were crippled, thus delaying delivery of important mail, such as Andy Sudduth's
  Thursday morning posting, until after the crisis had passed.
  Sites like MIT and Berkeley were able to collaborate in a meaningful manner because they
  never took themselves off the network.

• The "old boy network" worked. People called and sent electronic mail to the people they
  knew and trusted and much good communication happened. This can't be formalized but it did
  function quite well in the face of the crisis.

• Late night authentication is an interesting problem. How did you know that it really is MIT
  on the phone? How did you know that Keith Bostic's patch to sendmail is really a fix and
  isn't introducing a new problem? Did Keith really send the fix or was it his evil twin,
  Skippy?

• Whom do you call?
  If you need to talk to the manager of the Ohio State University network at 3:00am whom do
  you call? How many people can find that information, and is the information up to date?

• Speaker phones and conference calling proved very useful.

• How groups formed and who led them is a fascinating topic for future study. Don Alvarez of
  the MIT Center for Space Research presented his observations on this at the NCSC meeting.

• Misinformation and illusions ran rampant. Mike Muuss categorized several of these at the
  NCSC meeting. Our spotting of a handshake with ernie is but one example.

• Tools were not as important as one would have expected.
  Most of the decompiling work was done manually with no more tools than a disassembler (adb)
  and an architecture manual. Based on its experience with PC viruses, the NCSC feels that
  more sophisticated tools must be developed. While this may be true for future attacks, it
  was not the case for this attack.

• Source availability was important. All of the sites which responded quickly and made
  progress in truly understanding the virus had UNIX source code.

• The academic sites performed best. Government and commercial sites lagged behind places
  like Berkeley and MIT in figuring out what was going on and creating solutions.

• Managing the press was critical.
  We were not distracted by the press and were able to be quite productive. The MIT News
  office did a fine job keeping the press informed and out of the way. Batching the numerous
  requests into one press conference helped tremendously. The Berkeley group, among others,
  reported that it was difficult to get work done with the press constantly hounding them.

4.2 General Points for the Future

More general issues have popped to the surface because of the virus. These include the
following:

• Least Privilege.
  This basic security principle is frequently ignored and this can result in disaster.

• "We have met the enemy and he is us." The alleged author of the virus has made
  contributions to the computer security field and was by any definition an insider; the
  attack did not come from an outside source who obtained sensitive information, and
  restricting information such as source code would not have helped prevent this incident.

• Diversity is good.
  Though the virus picked on the most widespread operating system used on the Internet and on
  the two most popular machine types, most of the machines on the network were never in
  danger. A wider variety of implementations is probably good, not bad. There is a direct
  analogy with biological genetic diversity to be made.

• "The cure shouldn't be worse than the disease." Chuck Cole made this point and Cliff Stoll
  also argued that it may be more expensive to prevent such attacks than it is to clean up
  after them. Backups are good. It may be cheaper to restore from backups than to try to
  figure out what damage an attacker has done[6].

• Defenses must be at the host level, not the network level. Mike Muuss and Cliff Stoll have
  made this point quite eloquently[6]. The network performed its function perfectly and
  should not be faulted; the tragic flaws were in several application programs. Attempts to
  fix the network are misguided. Jeff Schiller likes to use an analogy with the highway
  system: anybody can drive up to your house and probably break into your home, but that does
  not mean we should close down the roads or put armed guards on the exit ramps.

• Logging information is important.
The inetd and telnetd interaction logging the source of virus attacks turned out to be a lucky break, but even so many sites did not have enough logging information available to identify the source or times of infection. This greatly hindered the responses, since people frequently had to install new programs which logged more information. On the other hand, logging information tends to accumulate quickly and is rarely referenced. Thus it is frequently automatically purged. If we log helpful information, but find it is quickly purged, we have not improved the situation much at all. Mike Muuss points out that frequently one can retrieve such information from backups[6], but this is not always true.

• Denial of service attacks are easy. The Internet is amazingly vulnerable to such attacks. These attacks are quite difficult to prevent, but we could be much better prepared to identify their sources than we are today. For example, currently it is not hard to imagine writing a program or set of programs which crash two-thirds of the existing Sun Workstations or other machines implementing Sun's Network Filesystem (NFS). This is serious since such machines are the most common computers connected to the Internet. Also, the total lack of authentication and authorization for network level routing makes it possible for an ordinary user to disrupt communications for a large portion of the Internet.
Both tasks could be easily done in a manner which makes tracking down the initiator extremely difficult, if not impossible.

• A central security fix repository may be a good idea. Vendors must participate. End users, who likely only want to get their work done, must be educated about the importance of installing security fixes.

• Knee-jerk reactions should be avoided. Openness and free flow of information is the whole point of networking, and funding agencies should not be encouraged to do anything damaging to this without very careful consideration.
Network connectivity proved its worth as an aid to collaboration by playing an invaluable role in the defense and analysis efforts during the crisis, despite the sites which isolated themselves.

5 Acknowledgments

Many people contributed to our effort to take apart the virus. We would like to thank them all for their help and insights both during the immediate crisis and afterwards.

5.1 The MIT team

The MIT group effort encompassed many organizations within the Institute. It included people from Project Athena, the Telecommunications Network Group, the Student Information Processing Board (SIPB), the Laboratory for Computer Science, and the Media Laboratory.

The SIPB's role is quite interesting.
It is a volunteer student organization that represents students on issues of the MIT computing environment, does software development, provides consulting to the community, and other miscellaneous tasks. Almost all the members of the MIT team which took apart the virus were members of the SIPB, and the SIPB office was the focus for early efforts at virus catching until people gathered in the Project Athena offices.

Mark W. Eichin (Athena and SIPB) and Stanley R. Zanarotti (LCS and SIPB) led the team disassembling the virus code.
The team included Bill Sommerfeld (Athena/Apollo Computer and SIPB), Ted Y. Ts'o (Athena and SIPB), Jon Rochlis (Telecommunications Network Group and SIPB), Ken Raeburn (Athena and SIPB), Hal Birkeland (Media Laboratory), and John T. Kohl (Athena/DEC and SIPB).

Jeffrey I. Schiller (Campus Network Manager, Athena Operations Manager, and SIPB) did a lot of work in trapping the virus, setting up an isolated test suite, and dealing with the media. Pascal Chesnais (Media Laboratory) was one of the first at MIT to spot the virus.
Ron Hoffmann (Network Group) was one of the first to notice an MIT machine attacked by finger.

Tim Shepard (LCS) provided information about the propagation of the virus, as well as large amounts of "netwatch" data and other technical help.

James D. Bruce (EECS Professor and Vice President for Information Systems) and the MIT News Office did an admirable job of keeping the media manageable and letting us get our work done.

5.2 The Berkeley Team

We communicated and exchanged code with Berkeley extensively throughout the morning of 4 November 1988.
The team there included Keith Bostic (Computer Systems Research Group, University of California, Berkeley), Mike Karels (Computer Systems Research Group, University of California, Berkeley), Phil Lapsley (Experimental Computing Facility, University of California, Berkeley), Dave Pare (FX Development, Inc.), Donn Seeley (University of Utah), Chris Torek (University of Maryland), and Peter Yee (Experimental Computing Facility, University of California, Berkeley).

5.3 Others

Numerous others across the country deserve thanks; many of them worked directly or indirectly on the virus, and helped coordinate the spread of information. Special thanks should go to Gene Spafford (Purdue) for serving as a central information point and providing key insight into the workings of the virus.
Don Becker (Harris Corporation) has provided the most readable decompilation of the virus which we have seen to date. It was most helpful.

An attempt was made to provide a review copy of this paper to all people mentioned by name. Most read a copy and many provided useful corrections.

People who offered particularly valuable advice included Judith Provost, Jennifer Steiner, Mary Vogt, Stan Zanarotti, Jon Kamens, Marc Horowitz, Jenifer Tidwell, James Bruce, Jerry Saltzer, Steve Dyer, Ron Hoffmann and many unnamed people from the SIPB Office. Any remaining flaws in this paper are our fault, not theirs.

Special thanks to Bill Sommerfeld for providing the description of the finger attack and its discovery.

A The Program

This Appendix describes the virus program subroutine by subroutine. For reference, the flow of information among the subroutines is shown in Figure 3.

A.1 Names

The core of the virus is a pair of binary modules, one for the VAX architecture and the other for the Sun architecture. These are linkable modules, and thus have name lists for their internal procedures. Many of the original names are included here with the descriptions of the functions the routines performed.

It is surprising that the names are included, and astonishing that they are meaningful.
Some simple techniques, such as randomizing the procedure names, would have removed a number of clues to the function of the virus.

A.2 main

The main module, the starting point of any C language program, does some initialization, processes its command line, and then goes off into the loop which organizes all of the real work.

A.2.1 Initialization

The program first takes some steps to hide itself. It changes the "zeroth" argument, which is the process name, to sh. Thus, no matter how the program was invoked, it would show up in the process table with the same name as the Bourne Shell, a program which often runs legitimately.

The program also sets the maximum core dump size to zero blocks.
If the program crashed¹⁹ it would not leave a core dump behind to help investigators. It also turns off handling of write errors on pipes, which normally cause the program to exit.

The next step is to read the clock, store the current time in a local variable, and use that value to seed the random number generator.

A.2.2 Command line argument processing

The virus program itself takes an optional argument -p which must be followed by a decimal number, which seems to be a process id of the parent which spawned it. It uses this number later to kill that process, probably to "close the door" behind it.

¹⁹ For example, the virus was originally compiled using 4.3BSD declaration files. Under 4.2BSD, the alias name list did not exist, and code such as the virus which assumes aliases are there can crash and dump core.

The rest of the command line arguments are "object names". These are names of files it tries to load into its address space. If it can't load one of them, it quits.
If the -p argument is given, it also deletes the object files, and later tries to remove the disk image of the running virus, as well as the file /tmp/.dumb. (This file is not referenced anywhere else in the virus, so it is unclear why it is deleted.)

The program then tried a few further steps, exiting ("bailing out") if any of them failed:

• It checked that it had been given at least one object on the command line.

• It checked to see if it had successfully loaded in the object l1.c.

If the "-p" argument was given, the program closes all file descriptors, in case there are any connections open to the parent.

The program then erases the text of the argument array, to further obscure how it was started (perhaps to hide anything if one were to get a core image of the running virus.)

It scans all of the network interfaces on the machine, gets the flags and addresses of each interface. It tries to get the point-to-point address of the interface, skipping the loopback address. It also stores the netmask for that network [23].

Finally, it kills off the process id given with the "-p" option. It also changes the current process group, so that it doesn't die when the parent exits. Once this is cleaned up, it falls into the doit routine which performs the rest of the work.
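
A defender's check for the hiding steps that A.2.1 and A.2.2 describe (process name set to sh, core dumps disabled, pipe write errors ignored, argument text erased, on-disk image removed), as an added example that is not from the paper. It assumes a modern Linux /proc layout rather than the 4.3BSD systems discussed, and the function names, shell list and sample records are constructed for illustration.

```python
"""Flag processes that show the self-hiding steps described in A.2.1/A.2.2.

Assumption: Linux /proc (not the 1988 BSD systems the paper covers).
"""
import os

SHELLS = {"sh", "bash", "dash", "ksh", "zsh", "csh", "tcsh", "busybox"}
SIGPIPE = 13                       # Linux signal number
DELETED = " (deleted)"             # suffix Linux appends to an unlinked exe
STRONG = {"argv0-masquerade", "exe-unlinked"}

# Constructed sample input (not captured from a real host).
SAMPLE_STATUS = "Name:\tsh\nSigIgn:\t0000000000001000\nSigCgt:\t0000000000000000\n"
SAMPLE_LIMITS = (
    "Limit                     Soft Limit           Hard Limit           Units\n"
    "Max core file size        0                    unlimited            bytes\n"
)


def parse_sigign(status_text):
    """Return the ignored-signal bitmask from /proc/<pid>/status text."""
    for line in status_text.splitlines():
        if line.startswith("SigIgn:"):
            return int(line.split()[1], 16)
    return 0


def parse_core_limit(limits_text):
    """Return the soft core-size limit ('unlimited' or an int), else None."""
    prefix = "Max core file size"
    for line in limits_text.splitlines():
        if line.startswith(prefix):
            soft = line[len(prefix):].split()[0]
            return soft if soft == "unlimited" else int(soft)
    return None


def assess(argv0, exe, core_soft, sigign):
    """List the hiding indicators shown by one process record."""
    findings = []
    unlinked = exe.endswith(DELETED)
    exe_path = exe[:-len(DELETED)] if unlinked else exe
    claimed = os.path.basename(argv0).lstrip("-")   # login shells show as "-sh"
    if claimed in SHELLS and os.path.basename(exe_path) not in SHELLS:
        findings.append("argv0-masquerade")         # says "sh", is not a shell
    if unlinked:
        findings.append("exe-unlinked")             # disk image was removed
    if not argv0.strip("\0 "):
        findings.append("argv-erased")              # argument text wiped
    if core_soft == 0:
        findings.append("core-dumps-disabled")      # weak: a common default
    if (sigign >> (SIGPIPE - 1)) & 1:
        findings.append("sigpipe-ignored")          # weak: many daemons do this
    return findings


def snapshot(pid, root="/proc"):
    """Read one process; None for kernel threads, exits, or no permission."""
    base = os.path.join(root, str(pid))
    try:
        exe = os.readlink(os.path.join(base, "exe"))
        with open(os.path.join(base, "cmdline"), "rb") as f:
            argv0 = f.read().split(b"\0")[0].decode(errors="replace")
        with open(os.path.join(base, "limits")) as f:
            core = parse_core_limit(f.read())
        with open(os.path.join(base, "status")) as f:
            sigign = parse_sigign(f.read())
    except OSError:
        return None
    return argv0, exe, core, sigign


def scan(root="/proc"):
    """Return {pid: findings} for processes with at least one strong indicator."""
    hits = {}
    for name in os.listdir(root):
        if name.isdigit():
            snap = snapshot(name, root)
            if snap:
                found = assess(*snap)
                if STRONG & set(found):
                    hits[int(name)] = found
    return hits


def demo():
    """Assess a constructed record that combines the steps from A.2.1/A.2.2."""
    return assess("sh", "/usr/tmp/x0000000" + DELETED,
                  parse_core_limit(SAMPLE_LIMITS), parse_sigign(SAMPLE_STATUS))


if __name__ == "__main__":
    print("constructed record:", demo())
    for pid, found in sorted(scan().items()):
        print(pid, ", ".join(found))
```

Only the name mismatch and the unlinked executable are treated as strong indicators; a zero core limit or an ignored SIGPIPE is reported as context because both are common on legitimate processes.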

A.3 doit routine

This routine is where the program spends most of its time.

A.3.1 Initialization

Like the main routine, it seeds the random number generator with the clock, and stores the clock value to later measure how long the virus has been running on this system.

It then tries hg. If that fails, it tries hl. If that fails, it tries ha.

It then tries to check if there is already a copy of the virus running on this machine. Errors in this code contributed to the large amounts of computer time taken up by the virus. Specifically:

• On a one-in-seven chance, it won't even try to test for another virus.

• The first copy of the virus to run is the only one which listens for others; if multiple infections occur "simultaneously" they will not "hear" each other, and all but one will fail to listen (see section A.12).

The remainder of the initialization routine seems designed to send a single byte to address 128.32.137.13, which is ernie.berkeley.edu, on port 11357.
This never happens, since the author used the sendto function on a TCP

[Figure: embedded Idraw PostScript drawing; source omitted]
Begin %I Line [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 %I t u 462 581 462 469 Line %I 462 581 462 469 End Begin %I Line [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 %I t u 448 581 448 469 Line %I 448 581 448 469 End Begin %I MLine [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 %I t u %I 4 336 238 %I 336 238 336 210 %I 336 210 252 210 %I 252 210 252 189 %I 252 189 4 MLine End Begin %I MLine [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 %I t u %I 4 259 238 %I 259 238 259 224 %I 259 224 231 224 %I 231 224 231 189 %I 231 189 4 MLine End Begin %I MLine [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 %I t u %I 4 175 238 %I 175 238 175 224 %I 175 224 210 224 %I 210 224 210 189 %I 210 189 4 MLine End Begin %I MLine [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 %I t u %I 4 70 238 %I 70 238 70 210 %I 70 210 189 210 %I 189 210 189 189 %I 189 189 4 MLine End Begin %I Line [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 %I t u 336 350 336 266 Line %I 336 350 336 266 End Begin %I MLine [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 %I t u %I 4 154 399 %I 154 399 154 308 %I 154 308 315 308 %I 315 308 315 266 %I 315 266 4 MLine End Begin %I MLine [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 %I t u %I 5 126 399 %I 126 399 126 294 %I 126 294 259 294 %I 259 294 259 273 %I 259 273 259 266 %I 259 266 5 MLine End Begin %I MLine [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 %I t u %I 4 98 399 %I 98 399 98 280 %I 98 280 175 280 %I 175 280 175 266 %I 175 266 4 MLine End Begin %I Line [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 
65535 %I t u 70 399 70 266 Line %I 70 399 70 266 End Begin %I Line [] 0 1 1 1 SetB %I b 65535 1 1 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 %I t u 483 455 511 455 Line %I 483 455 511 455 End Begin %I Line [] 0 1 1 1 SetB %I b 65535 1 1 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 [1 0 0 1 7 -259] concat %I t 1 0 0 1 7 -259 476 672 504 672 Line %I 476 672 504 672 End Begin %I Line [] 0 1 1 1 SetB %I b 65535 1 1 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 [1 0 0 1 7 -301] concat %I t 1 0 0 1 7 -301 476 672 504 672 Line %I 476 672 504 672 End Begin %I Line [] 0 1 1 1 SetB %I b 65535 1 1 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 [1 0 0 1 0 -42] concat %I t 1 0 0 1 0 -42 357 413 427 413 Line %I 357 413 427 413 End Begin %I Line [] 0 1 1 1 SetB %I b 65535 1 1 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 %I t u 357 413 427 413 Line %I 357 413 427 413 End Begin %I Line [] 0 1 1 1 SetB %I b 65535 1 1 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 %I t u 427 455 357 455 Line %I 427 455 357 455 End Begin %I Line [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 %I t u 406 609 385 658 Line %I 406 609 385 658 End Begin %I Line [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 %I t u 483 672 399 672 Line %I 483 672 399 672 End Begin %I Line [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 %I t u 448 721 385 686 Line %I 448 721 385 686 End Begin %I Line [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 %I t u 336 721 357 686 Line %I 336 721 357 686 End Begin %I Line [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 %I t u 77 721 77 658 Line %I 77 721 77 658 End Begin %I Line [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 %I t u 203 721 203 658 Line %I 203 721 203 
658 End Begin %I Line [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 %I t u 371 658 294 539 Line %I 371 658 294 539 End Begin %I Line [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 %I t u 357 658 154 539 Line %I 357 658 154 539 End Begin %I Line [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 %I t u 203 630 126 539 Line %I 203 630 126 539 End Begin %I Line [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 %I t u 84 630 98 539 Line %I 84 630 98 539 End Begin %I Pict %I b u %I f u %I p u %I t u Begin %I Rect [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 1 SetP %I p 0 [1.73684 0 0 1.2 -162.474 -37.8] concat %I t 1.73684 0 0 1.2 -162.474 -37.8 154 154 287 189 Rect %I 154 154 287 189 End Begin %I Pict %I b u %I f u %I p u [1 0 0 1.03704 -2.5 0.518524] concat %I t 1 0 0 1.03704 -2.5 0.518524 Begin %I Text [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 [1 0 0 1 202 175] concat %I t 1 0 0 1 202 175 %I waithit [ (waithit) ] Text End Begin %I Text [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 [1 0 0 1 112 161] concat %I t 1 0 0 1 112 161 %I (wait for infected client to respond) [ (\(wait for infected client to respond\)) ] Text End End %I eop End %I eop Begin %I Pict %I b u %I f u %I p u [1 0 0 1 98 -42] concat %I t 1 0 0 1 98 -42 Begin %I Rect [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 1 SetP %I p 0 [1 0 0 1 7 63] concat %I t 1 0 0 1 7 63 203 217 280 245 Rect %I 203 217 280 245 End Begin %I Text [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 [1 0 0 1 221.5 300.5] concat %I t 1 0 0 1 221.5 300.5 %I Hit rexec [ (Hit rexec) ] Text End End %I eop Begin %I Line [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I 
p 65535 %I t u 469 581 469 427 Line %I 469 581 469 427 End Begin %I Line [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 %I t u 476 581 476 385 Line %I 476 581 476 385 End Begin %I Line [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 %I t u 434 581 434 385 Line %I 434 581 434 385 End Begin %I Line [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 %I t u 441 581 441 427 Line %I 441 581 441 427 End Begin %I Text [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 [1 0 0 1 178 535] concat %I t 1 0 0 1 178 535 %I [ () ] Text End Begin %I Rect [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 1 SetP %I p 0 %I t u 203 560 203 560 Rect %I 203 560 203 560 End Begin %I Pict %I b u %I f u %I p u [1 0 0 1 -28 -161] concat %I t 1 0 0 1 -28 -161 Begin %I Rect [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 1 SetP %I p 0 [1 0 0 1 0 0] concat %I t 1 0 0 1 0 0 77 560 203 651 Rect %I 77 560 203 651 End Begin %I Text [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 [1 0 0 1 113 612] concat %I t 1 0 0 1 113 612 %I Host List [ (Host List) ] Text End Begin %I Poly [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 1 SetP %I p 0 [1 0 0 1 0 0] concat %I t 1 0 0 1 0 0 %I 4 77 700 %I 77 700 105 651 %I 105 651 175 651 %I 175 651 203 700 %I 203 700 4 Poly End End %I eop Begin %I Pict %I b u %I f u %I p u [1 0 0 1 -140 -168] concat %I t 1 0 0 1 -140 -168 Begin %I Poly [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 1 SetP %I p 0 [1 0 0 1 294 7] concat %I t 1 0 0 1 294 7 %I 4 77 700 %I 77 700 105 651 %I 105 651 175 651 %I 175 651 203 700 %I 203 700 4 Poly End Begin %I Rect [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 1 SetP %I p 0 [1 0 0 1 294 7] concat %I t 1 0 0 1 294 7 77 560 203 651 
Rect %I 77 560 203 651 End Begin %I Text [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 [1 0 0 1 392 619] concat %I t 1 0 0 1 392 619 %I User Name List [ (User Name List) ] Text End End %I eop Begin %I Text [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 [1 0 0 1 427 637] concat %I t 1 0 0 1 427 637 %I [ () ] Text End Begin %I Pict %I b u %I f u %I p u [1 0 0 1 280 35] concat %I t 1 0 0 1 280 35 Begin %I Rect [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 1 SetP %I p 0 [1 0 0 1 0 0] concat %I t 1 0 0 1 0 0 63 623 119 651 Rect %I 63 623 119 651 End Begin %I Text [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 [1 0 0 1 70 643.5] concat %I t 1 0 0 1 70 643.5 %I Phase 0 [ (Phase 0) ] Text End End %I eop Begin %I Pict %I b u %I f u %I p u [1 0 0 1 336 42] concat %I t 1 0 0 1 336 42 Begin %I Rect [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 1 SetP %I p 0 %I t u 56 679 168 707 Rect %I 56 679 168 707 End Begin %I Text [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 [1 0 0 1 64 699.5] concat %I t 1 0 0 1 64 699.5 %I /etc/hosts.equiv [ (/etc/hosts.equiv) ] Text End End %I eop Begin %I Pict %I b u %I f u %I p u [1 0 0 1 238 0] concat %I t 1 0 0 1 238 0 Begin %I Rect [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 1 SetP %I p 0 %I t u 63 721 126 749 Rect %I 63 721 126 749 End Begin %I Text [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 [1 0 0 1 70.5 741.5] concat %I t 1 0 0 1 70.5 741.5 %I /.rhosts [ (/.rhosts) ] Text End End %I eop Begin %I Pict %I b u %I f u %I p u [1 0 0 1 28 -224] concat %I t 1 0 0 1 28 -224 Begin %I Rect [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 1 SetP %I p 0 %I t u 343 805 420 833 Rect %I 343 805 420 833 End Begin %I Text [] 0 1 0 1 SetB %I b 65535 1 
0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 [1 0 0 1 351.5 825.5] concat %I t 1 0 0 1 351.5 825.5 %I ~/.forward [ (~/.forward) ] Text End End %I eop Begin %I Pict %I b u %I f u %I p u [1 0 0 1 112 -175] concat %I t 1 0 0 1 112 -175 Begin %I Rect [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 1 SetP %I p 0 %I t u 350 756 420 784 Rect %I 350 756 420 784 End Begin %I Text [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 [1 0 0 1 358 776.5] concat %I t 1 0 0 1 358 776.5 %I ~/.rhosts [ (~/.rhosts) ] Text End End %I eop Begin %I Rect [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 %I t u 63 742 63 742 Rect %I 63 742 63 742 End Begin %I Pict %I b u %I f u %I p u [1 0 0 1 252 -175] concat %I t 1 0 0 1 252 -175 Begin %I Rect [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 1 SetP %I p 0 %I t u 175 616 231 644 Rect %I 175 616 231 644 End Begin %I Text [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 [1 0 0 1 182 636.5] concat %I t 1 0 0 1 182 636.5 %I Phase 1 [ (Phase 1) ] Text End End %I eop Begin %I Pict %I b u %I f u %I p u [1 0 0 1 259 -176] concat %I t 1 0 0 1 259 -176 Begin %I Rect [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 1 SetP %I p 0 [1 0 0 1 0 0.5] concat %I t 1 0 0 1 0 0.5 168 574 224 602 Rect %I 168 574 224 602 End Begin %I Text [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 [1 0 0 1 175 595] concat %I t 1 0 0 1 175 595 %I Phase 2 [ (Phase 2) ] Text End End %I eop Begin %I Pict %I b u %I f u %I p u [1 0 0 1 378 -42] concat %I t 1 0 0 1 378 -42 Begin %I Rect [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 1 SetP %I p 0 %I t u 105 700 189 728 Rect %I 105 700 189 728 End Begin %I Text [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 [1 0 0 1 114 720.5] 
concat %I t 1 0 0 1 114 720.5 %I /etc/passwd [ (/etc/passwd) ] Text End End %I eop Begin %I Pict %I b u %I f u %I p u [1 0 0 1 -2 -4] concat %I t 1 0 0 1 -2 -4 Begin %I Rect [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 1 SetP %I p 0 [1 0 0 1 2 4] concat %I t 1 0 0 1 2 4 231 350 357 399 Rect %I 231 350 357 399 End Begin %I Text [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 [1 0 0 1 245 385] concat %I t 1 0 0 1 245 385 %I Guessed Passwords [ (Guessed Passwords) ] Text End End %I eop Begin %I Pict %I b u %I f u %I p u [1 0 0 1 252 -175] concat %I t 1 0 0 1 252 -175 Begin %I Rect [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 1 SetP %I p 0 %I t u 175 532 231 560 Rect %I 175 532 231 560 End Begin %I Text [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 [1 0 0 1 182 552.5] concat %I t 1 0 0 1 182 552.5 %I Phase 3 [ (Phase 3) ] Text End End %I eop Begin %I Pict %I b u %I f u %I p u [1 0 0 1 -35 -301] concat %I t 1 0 0 1 -35 -301 Begin %I Rect [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 1 SetP %I p 0 %I t u 546 658 651 686 Rect %I 546 658 651 686 End Begin %I Text [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 [1 0 0 1 553.5 678.5] concat %I t 1 0 0 1 553.5 678.5 %I /usr/dict/words [ (/usr/dict/words) ] Text End End %I eop Begin %I Pict %I b u %I f u %I p u [1 0 0 1 0 -1] concat %I t 1 0 0 1 0 -1 Begin %I Rect [] 0 1 1 1 SetB %I b 65535 1 1 1 /Courier 10 SetF %I f 6x13 Courier 10 1 SetP %I p 0 [1.16667 0 0 1 4.66669 -90.5] concat %I t 1.16667 0 0 1 4.66669 -90.5 434 490 518 518 Rect %I 434 490 518 518 End Begin %I Text [] 0 1 1 1 SetB %I b 65535 1 1 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 [1 0 0 1 518 420] concat %I t 1 0 0 1 518 420 %I Internal Words [ (Internal Words) ] Text End End %I eop Begin %I Pict %I b u %I f u %I p u %I t u Begin %I Rect [] 0 1 1 1 
SetB %I b 65535 1 1 1 /Courier 10 SetF %I f 6x13 Courier 10 1 SetP %I p 0 %I t u 511 441 616 469 Rect %I 511 441 616 469 End Begin %I Text [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 [1 0 0 1 518.5 461.5] concat %I t 1 0 0 1 518.5 461.5 %I Obvious Guesses [ (Obvious Guesses) ] Text End End %I eop Begin %I Pict %I b u %I f u %I p u [1 0 0 1 14 -14] concat %I t 1 0 0 1 14 -14 Begin %I Rect [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 1 SetP %I p 0 [1 0 0 1 7 35] concat %I t 1 0 0 1 7 35 203 217 280 245 Rect %I 203 217 280 245 End Begin %I Text [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 [1 0 0 1 227.5 272.5] concat %I t 1 0 0 1 227.5 272.5 %I Hit rsh [ (Hit rsh) ] Text End End %I eop Begin %I Pict %I b u %I f u %I p u [1 0 0 1 -153 20] concat %I t 1 0 0 1 -153 20 Begin %I Rect [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 1 SetP %I p 0 [1 0 0 1 -1.5 0.5] concat %I t 1 0 0 1 -1.5 0.5 203 217 280 245 Rect %I 203 217 280 245 End Begin %I Text [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 [1 0 0 1 210 238] concat %I t 1 0 0 1 210 238 %I Hit finger [ (Hit finger) ] Text End End %I eop Begin %I Pict %I b u %I f u %I p u [1 0 0 1 -70 49] concat %I t 1 0 0 1 -70 49 Begin %I Rect [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 1 SetP %I p 0 [1 0 0 1 7 -28] concat %I t 1 0 0 1 7 -28 203 217 280 245 Rect %I 203 217 280 245 End Begin %I Text [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 [1 0 0 1 224.5 209.5] concat %I t 1 0 0 1 224.5 209.5 %I Hit SMTP [ (Hit SMTP) ] Text End End %I eop Begin %I Pict %I b u %I f u %I p u [1 0 0 1 -161 469] concat %I t 1 0 0 1 -161 469 Begin %I Rect [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 1 SetP %I p 0 [1 0 0 1 0 -56] concat %I t 1 0 0 1 0 -56 203 217 280 245 Rect %I 203 
217 280 245 End Begin %I Text [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 [1 0 0 1 220.5 181.5] concat %I t 1 0 0 1 220.5 181.5 %I if_init [ (if_init) ] Text End End %I eop Begin %I Pict %I b u %I f u %I p u [1 0 0 1 -168 608] concat %I t 1 0 0 1 -168 608 Begin %I Rect [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 1 SetP %I p 0 [1 0 0 1 -0.5 0.5] concat %I t 1 0 0 1 -0.5 0.5 196 112 301 140 Rect %I 196 112 301 140 End Begin %I Text [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 [1 0 0 1 203 133] concat %I t 1 0 0 1 203 133 %I Interface Table [ (Interface Table) ] Text End End %I eop Begin %I Pict %I b u %I f u %I p u [1 0 0 1 -161 469] concat %I t 1 0 0 1 -161 469 Begin %I Rect [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 1 SetP %I p 0 [1 0 0 1 126 -56] concat %I t 1 0 0 1 126 -56 203 217 280 245 Rect %I 203 217 280 245 End Begin %I Text [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 [1 0 0 1 346.5 181.5] concat %I t 1 0 0 1 346.5 181.5 %I rt_init [ (rt_init) ] Text End End %I eop Begin %I Pict %I b u %I f u %I p u [1 0 0 1 -161 602] concat %I t 1 0 0 1 -161 602 Begin %I Rect [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 1 SetP %I p 0 %I t u 322 119 413 147 Rect %I 322 119 413 147 End Begin %I Text [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 0 SetP %I p 65535 [1 0 0 1 328.5 139.5] concat %I t 1 0 0 1 328.5 139.5 %I Routing Table [ (Routing Table) ] Text End End %I eop Begin %I Text [] 0 1 0 1 SetB %I b 65535 1 0 1 /Courier 10 SetF %I f 6x13 Courier 10 1 SetP %I p 0 [1 0 0 1 336 112] concat %I t 1 0 0 1 336 112 %I (netstat) [ (\(netstat\)) ] Text End End %I eop %%Trailer showpage @endspecial t-rom.300 @sf 582 2571 p (Figure) s 10 r (3:) s 13 r (The) s 11 r (structure) s 10 r (of) s 10 r (the) s 10 r (attacking) s 9 r (engine.) 
s 954 2842 p (19) s @eop 20 @bop0 20 @bop1 t-rom.300 @sf -36 96 p (stream) s 15 r (connection,) s 17 r (instead) s 15 r (of) s 16 r 97 c 16 r (UDP) s 16 r (datagram) s 16 r (socket.) s cmr7.300 @sf 902 82 p (20) s t-rom.300 @sf -36 146 p 87 c -2 r 101 c 11 r (have) s 14 r (no) s 13 r (explanation) s 13 r (for) s 12 r (this;) s 14 r (it) s 13 r (only) s 12 r (tries) s 13 r (to) s 13 r (send) s 13 r (this) s -36 196 p (packet) s 9 r (with) s 9 r 97 c 11 r (one) s 11 r (in) s 9 r 174 c (fteen) s 11 r (random) s 10 r (chance.) s t-bol.300 @sf -36 310 p (A.3.2) s 40 r (Main) s 16 r (loop) s t-rom.300 @sf -36 390 p (An) s 12 r (in) s 174 c (nite) s 13 r (loop) s 13 r (comprises) s 14 r (the) s 14 r (main) s 14 r (active) s 14 r (component) s 14 r (of) s -36 439 p (the) s 13 r (virus.) s 26 r (It) s 14 r (calls) s 14 r (the) s t-ita.300 @sf 15 r (cracksome) s t-rom.300 @sf 16 r (routine) s cmr7.300 @sf 655 425 p (21) s t-rom.300 @sf 703 439 p (which) s 14 r (tries) s 14 r (to) s -36 489 p 174 c (nd) s 13 r (some) s 15 r (hosts) s 14 r (that) s 14 r (it) s 14 r (can) s 16 r (break) s 15 r (in) s 14 r (to.) s 27 r (Then) s 15 r (it) s 14 r (waits) s 14 r (30) s -36 539 p (seconds,) s 16 r (listening) s 13 r (for) s 14 r (other) s 15 r (virus) s 14 r (programs) s 15 r (attempting) s 13 r (to) s -36 589 p (break) s 9 r (in,) s 10 r (and) s 10 r (tries) s 10 r (to) s 10 r (break) s 10 r (into) s 9 r (another) s 10 r (batch) s 10 r (of) s 10 r (machines.) 
s 4 639 p (After) s 7 r (this) s 6 r (round) s 6 r (of) s 7 r (attacks,) s 8 r (it) s 7 r (forks,) s 7 r (creating) s 7 r (two) s 7 r (copies) s 7 r (of) s -36 689 p (the) s 9 r (virus;) s 9 r (the) s 11 r (original) s 9 r (\(parent\)) s 10 r (dies,) s 11 r (leaving) s 10 r (the) s 10 r (fresh) s 11 r (copy) s -2 r 46 c -36 739 p (The) s 13 r (child) s 14 r (copy) s 14 r (has) s 15 r (all) s 13 r (of) s 14 r (the) s 15 r (information) s 12 r (the) s 14 r (parent) s 14 r (had,) s -36 789 p (whil) s -1 r 101 c 8 r (not) s 8 r (having) s 8 r (the) s 9 r (accumulated) s 10 r (CPU) s 8 r (usage) s 10 r (of) s 9 r (the) s 8 r (parent.) s -36 839 p (It) s 9 r (also) s 9 r (has) s 11 r 97 c 11 r (new) s 11 r (process) s 10 r (id,) s 10 r (making) s 10 r (it) s 10 r (hard) s 10 r (to) s 10 r 174 c (nd.) s 4 889 p (Next,) s 12 r (the) s t-ita.300 @sf 12 r (hg) s t-rom.300 @sf 44 c t-ita.300 @sf 12 r (hl) s t-rom.300 @sf 44 c 11 r (and) s t-ita.300 @sf 12 r (ha) s t-rom.300 @sf 11 r (routines) s 11 r (search) s 13 r (for) s 11 r (machines) s 12 r (to) s -36 939 p (infect) s 10 r (\(see) s 12 r (Appendix) s 10 r (A.5\).) s 18 r (The) s 12 r (program) s 12 r (sleeps) s 12 r (for) s 11 r 50 c 11 r (min-) s -36 989 p (utes,) s 9 r (and) s 10 r (then) s 10 r (checks) s 11 r (to) s 10 r (see) s 11 r (if) s 10 r (it) s 9 r (has) s 11 r (been) s 10 r (running) s 9 r (for) s 9 r (more) s -36 1039 p (than) s 11 r (12) s 12 r (hours,) s 13 r (cleaning) s 13 r (up) s 12 r (some) s 13 r (of) s 13 r (the) s 12 r (entries) s 13 r (in) s 12 r (the) s 12 r (host) s -36 1089 p (list) s 8 r (if) s 9 r (it) s 10 r (has.) 
s 4 1139 p (Finally) s -2 r 44 c 15 r (before) s 16 r (repeating,) s 17 r (it) s 15 r (checks) s 17 r (the) s 15 r (global) s 15 r (variable) s c-med.300 @sf -36 1189 p (pleasequit) s t-rom.300 @sf 46 c 14 r (If) s 11 r (it) s 11 r (is) s 10 r (set,) s t-ita.300 @sf 12 r (and) s t-rom.300 @sf 11 r (if) s 11 r (it) s 10 r (has) s 11 r (tried) s 11 r (more) s 11 r (than) s 11 r (10) s -36 1239 p (words) s 10 r (from) s 11 r (its) s 11 r (own) s 11 r (dictionary) s 10 r (against) s 11 r (existing) s 10 r (passwords,) s -36 1289 p (it) s 12 r (quit) s -1 r (s.) s 21 r (Thus) s 14 r (forcing) s c-med.300 @sf 12 r (pleasequit) s t-rom.300 @sf 12 r (to) s 12 r (be) s 14 r (set) s 13 r (in) s 13 r (the) s 13 r (sys-) s -36 1338 p (tem) s 10 r (libraries) s 10 r (will) s 10 r (do) s 11 r (very) s 11 r (little) s 9 r (to) s 11 r (stem) s 12 r (the) s 11 r (progress) s 11 r (of) s 10 r (this) s -36 1388 p (viru) s -1 r 115 c cmr7.300 @sf 47 1374 p (22) s t-rom.300 @sf 81 1388 p 46 c t-bol.360 @sf -36 1511 p (A.4) s 49 r (Cracking) s 18 r 114 c (outines) s t-rom.300 @sf -36 1590 p (This) s 18 r (collection) s 18 r (of) s 20 r (routines) s 18 r (is) s 20 r (the) s 19 r 96 c -2 r (`brain') s -3 r 39 c 17 r (of) s 20 r (the) s 19 r (virus.) s t-ita.300 @sf -36 1640 p (cracksome) s t-rom.300 @sf 44 c 12 r (the) s 12 r (main) s 12 r (switch,) s 11 r (chooses) s 12 r (which) s 12 r (of) s 11 r (four) s 11 r (strate-) s -36 1690 p (gies) s 10 r (to) s 11 r (execute.) s 18 r (It) s 11 r (is) s 11 r (would) s 10 r (be) s 12 r (the) s 11 r (central) s 12 r (point) s 10 r (for) s 10 r (adding) s -36 1740 p (new) s 17 r (strategies) s 18 r (if) s 18 r (the) s 18 r (virus) s 17 r (were) s 19 r (to) s 18 r (be) s 18 r (further) s 17 r (extended.) s -36 1790 p (The) s 17 r (virus) s 16 r (works) s 18 r (each) s 18 r (strategy) s 17 r (through) s 16 r (completely) s -2 r 44 c 19 r (then) s -36 1839 p (switches) s 12 r (to) s 13 r (the) s 13 r (next) s 13 r (one.) 
Each pass through the cracking routines only performs a small amount of work, but enough state is remembered in each pass to continue the next time around.

A.4.1 cracksome

The cracksome routine is the central switching routine of the cracking code. It decides which of the cracking strategies is actually exercised next. Again, note that this routine was named in the global symbol table.
It could have been given a confusing or random name, but it was actually clearly labelled, which lends some credence to the idea that the virus was released prematurely.

^20 If the author had been as careful with error checking here as he tried to be elsewhere, he would have noted the error "socket not connected" every time this routine is invoked.
^21 This name was actually in the symbol table of the distributed binary!
^22 Although it was suggested very early [24].

A.4.2 Phase 0

The first phase of the cracksome routines reads through the /etc/hosts.equiv file to find machine names that would be likely targets.
While this file indicates what hosts the current machine trusts, it is fairly common to find systems where all machines in a cluster trust each other, and at the very least it is likely that people with accounts on this machine will have accounts on the other machines mentioned in /etc/hosts.equiv.

It also reads the /.rhosts file, which lists the set of machines that this machine trusts root access from. Note that it does not take advantage of the trust itself [25] but merely uses the names as a list of additional machines to attack.
Often, system managers will deny read access to this file to any user other than root itself, to avoid providing any easy list of secondary targets that could be used to subvert the machine; this practice would have prevented the virus from discovering those names, although /.rhosts is very often a subset of /etc/hosts.equiv.

The program then reads the entire local password file, /etc/passwd. It uses this to find personal .forward files, and reads them in search of names of other machines it can attack. It also records the user name, encrypted password, and GECOS information string, all of which are stored in the /etc/passwd file.
Once the program scanned the entire file, it advanced to Phase 1.

A.4.3 Phase 1

This phase of the cracking code attacked passwords on the local machine. It chose several likely passwords for each user, which were then encrypted and compared against the encryptions obtained in Phase 0 from /etc/passwd:

• No password at all.
• The user name itself.
• The user name appended to itself.
• The second of the comma separated GECOS information fields, which is commonly a nickname.
• The remainder of the full name after the first name in the GECOS fields, i.e. probably the last name, with the first letter converted to lower case.
• This "last name" reversed.

All of these attacks are applied to fifty passwords at a time from those collected in Phase 0. Once it had tried to guess the passwords for all local accounts, it advanced to Phase 2.

A.4.4 Phase 2

Phase 2 takes the internal word list distributed as part of the virus (see Appendix B) and shuffles it. Then it takes the words one at a time and decodes them (the high bit is set on all of the characters to obscure them) and tries them against all collected passwords. It maintains a global variable nextw as an index into this table.
s 14 r (The) s 10 r (main) s 9 r (loop) s 8 r (uses) s -36 196 p (thi) s -1 r 115 c 7 r (to) s 7 r (prevent) s c-med.300 @sf 8 r (pleasequit) s t-rom.300 @sf 7 r (from) s 8 r (causing) s 8 r (the) s 8 r (virus) s 7 r (to) s 7 r (exit) s -36 246 p (unti) s -1 r 108 c 7 r (at) s 9 r (least) s 10 r (ten) s 9 r (of) s 9 r (the) s 9 r (words) s 9 r (have) s 10 r (been) s 10 r (checked) s 10 r (against) s 9 r (all) s -36 295 p (of) s 8 r (the) s 11 r (encryptions) s 9 r (in) s 9 r (the) s 10 r (collected) s 11 r (list.) s 4 345 p (Again,) s 8 r (when) s 7 r (the) s 7 r (word) s 6 r (list) s 6 r (is) s 7 r (exhausted) s 7 r (the) s 7 r (virus) s 6 r (advances) s -36 395 p (to) s 8 r (Phase) s 11 r (3.) s t-bol.300 @sf -36 504 p (A.4.5) s 40 r (Phase) s 17 r 51 c t-rom.300 @sf -36 581 p (Phase) s 18 r 51 c 18 r (looks) s 18 r (at) s 18 r (the) s 19 r (local) s c-med.300 @sf 18 r (/usr/dict/words) s 17 r t-rom.300 @sf 174 c (le,) s 21 r 97 c -36 631 p (24474) s 8 r (word) s 11 r (list) s 9 r (distributed) s 9 r (with) s 10 r (4.3BSD) s 11 r (\(and) s 10 r (other) s 11 r (UNIX) s -36 681 p (systems\)) s 11 r (as) s 13 r 97 c 13 r (spelling) s 11 r (dictionary) s -3 r 46 c 19 r (The) s 12 r (words) s 12 r (are) s 13 r (stored) s 12 r (in) s -36 731 p (thi) s -1 r 115 c 15 r 174 c (le) s 16 r (one) s 16 r (word) s 16 r (per) s 16 r (line.) s 31 r (One) s 17 r (word) s 15 r (at) s 17 r 97 c 16 r (time) s 16 r (is) s 16 r (tried) s -36 781 p (against) s 12 r (all) s 14 r (encrypted) s 13 r (passwords.) s 25 r (If) s 14 r (the) s 14 r (word) s 13 r (begins) s 14 r (with) s -36 830 p (an) s 14 r (upper) s 14 r (case) s 16 r (letter) s -1 r 44 c 15 r (the) s 15 r (letter) s 14 r (is) s 15 r (converted) s 14 r (to) s 15 r (lower) s 14 r (case) s -36 880 p (and) s 9 r (the) s 10 r (word) s 10 r (is) s 10 r (tried) s 9 r (again.) 
s 4 930 p (When) s 10 r (the) s 11 r (dictionary) s 8 r (runs) s 10 r (out,) s 10 r (the) s 10 r (phase) s 11 r (counter) s 10 r (is) s 10 r (again) s -36 980 p (advanced) s 20 r (to) s 19 r 52 c 21 r (\(thus) s 19 r (no) s 20 r (more) s 21 r (password) s 20 r (cracking) s 21 r (is) s 20 r (at-) s -36 1030 p (tempted\).) s t-bol.360 @sf -36 1147 p (A.5) s 49 r 72 c 18 r 114 c (outines) s t-rom.300 @sf -36 1224 p (The) s 16 r 96 c -2 r (`h) s 14 r (routines') s -2 r 39 c 14 r (are) s 18 r 97 c 16 r (collection) s 16 r (of) s 16 r (routines) s 15 r (with) s 15 r (short) s -36 1274 p (names,) s 15 r (such) s 14 r (as) s t-ita.300 @sf 14 r (hg) s t-rom.300 @sf 44 c t-ita.300 @sf 15 r (ha) s t-rom.300 @sf 44 c t-ita.300 @sf 15 r (hi) s t-rom.300 @sf 44 c 14 r (and) s t-ita.300 @sf 14 r (hl) s t-rom.300 @sf 44 c 15 r (which) s 13 r (search) s 15 r (for) s 13 r (other) s -36 1324 p (hosts) s 8 r (to) s 10 r (attack.) s t-bol.300 @sf -36 1433 p (A.5.1) s 40 r (hg) s t-rom.300 @sf -36 1510 p (The) s t-ita.300 @sf 8 r (hg) s t-rom.300 @sf 7 r (routine) s 8 r (calls) s t-ita.300 @sf 8 r (rt) s 2 r 13 2 ru 13 r (init) s t-rom.300 @sf 7 r (\(if) s 7 r (it) s 8 r (has) s 9 r (not) s 7 r (already) s 9 r (been) s 9 r (called\)) s -36 1560 p (to) s 11 r (scan) s 14 r (the) s 13 r (routing) s 12 r (table,) s 14 r (and) s 13 r (records) s 13 r (all) s 13 r (gateways) s 14 r (except) s -36 1610 p (the) s 8 r (loopback) s 9 r (address) s 10 r (in) s 9 r 97 c 11 r (special) s 10 r (list.) s 12 r (It) s 10 r (then) s 9 r (tries) s 9 r 97 c 10 r (generic) s -36 1660 p (attack) s 13 r (routine) s 13 r (to) s 14 r (attack) s 14 r (via) s c-med.300 @sf 14 r (rsh) s t-rom.300 @sf 44 c c-med.300 @sf 16 r (finger) s t-rom.300 @sf 44 c 15 r (and) s 15 r (SMTP) s -4 r 46 c 14 r (It) s -36 1710 p (returns) s 8 r (after) s 11 r (the) s 10 r 174 c (rst) s 10 r (successful) s 11 r (attack.) 
s t-bol.300 @sf -36 1818 p (A.5.2) s 40 r (ha) s t-rom.300 @sf -36 1896 p (The) s t-ita.300 @sf 10 r (ha) s t-rom.300 @sf 11 r (routine) s 10 r (goes) s 11 r (through) s 10 r (the) s 11 r (gateway) s 11 r (list) s 10 r (and) s 11 r (connects) s -36 1946 p (to) s 7 r (TCP) s 10 r (port) s 9 r (23,) s 9 r (the) s 10 r (telnet) s 8 r (port,) s 9 r (looking) s 8 r (for) s 9 r (gateways) s 10 r (which) s -36 1996 p (are) s 9 r (running) s 7 r (telnet) s 9 r (listeners.) s 13 r (It) s 9 r (randomizes) s 9 r (the) s 9 r (order) s 9 r (of) s 9 r (such) s -36 2045 p (gateways) s 8 r (and) s 9 r (calls) s t-ita.300 @sf 10 r (hn) s t-rom.300 @sf 8 r (\(our) s 9 r (name\)) s 10 r (with) s 8 r (the) s 8 r (network) s 9 r (number) s -36 2095 p (of) s 9 r (each) s 12 r (gateway) s -2 r 46 c 15 r (The) s t-ita.300 @sf 11 r (ha) s t-rom.300 @sf 11 r (returns) s 10 r (after) s t-ita.300 @sf 11 r (hn) s t-rom.300 @sf 10 r (reports) s 10 r (that) s 10 r (it) s 10 r (has) s -36 2145 p (succeeded) s 10 r (in) s 10 r (breaking) s 10 r (into) s 9 r 97 c 11 r (host.) s t-bol.300 @sf -36 2254 p (A.5.3) s 40 r (hl) s t-rom.300 @sf -36 2331 p (The) s t-ita.300 @sf 7 r (hl) s t-rom.300 @sf 7 r (routine) s 7 r (iterates) s 8 r (through) s 6 r (all) s 8 r (the) s 7 r (addresses) s 10 r (for) s 7 r (the) s 8 r (local) s -36 2381 p (machine) s 10 r (calling) s t-ita.300 @sf 10 r (hn) s t-rom.300 @sf 10 r (with) s 10 r (the) s 10 r (network) s 10 r (number) s 11 r (for) s 10 r (each) s 12 r (one.) s -36 2431 p (It) s 9 r (returns) s 9 r (if) s t-ita.300 @sf 10 r (hn) s t-rom.300 @sf 10 r (indicates) s 9 r (success) s 12 r (in) s 10 r (breaking) s 10 r (into) s 9 r 97 c 10 r (host.) 
s t-bol.300 @sf -36 2540 p (A.5.4) s 40 r (hi) s t-rom.300 @sf -36 2617 p (The) s t-ita.300 @sf 11 r (hi) s t-rom.300 @sf 12 r (routine) s 11 r (goes) s 13 r (through) s 10 r (the) s 12 r (internal) s 12 r (host) s 11 r (list) s 11 r (\(see) s 14 r (sec-) s -36 2667 p (tio) s -1 r 110 c 8 r (A.4.2\)) s 10 r (and) s 10 r (tries) s 10 r (to) s 9 r (attack) s 10 r (each) s 11 r (host) s 10 r (via) s c-med.300 @sf 9 r (rsh) s t-rom.300 @sf 44 c c-med.300 @sf 11 r (finger) s t-rom.300 @sf 44 c -36 2717 p (and) s 9 r (SMTP) s -4 r 46 c 10 r (It) s 10 r (returns) s 10 r (when) s 10 r (one) s 10 r (host) s 10 r (is) s 10 r (infected.) s t-bol.300 @sf 1012 96 p (A.5.5) s 42 r (hn) s t-rom.300 @sf 1012 197 p (The) s t-ita.300 @sf 8 r (hn) s t-rom.300 @sf 7 r (routine) s 5 r (\(our) s 7 r (name\)) s 8 r (followed) s t-ita.300 @sf 5 r (hi) s t-rom.300 @sf 7 r (takes) s 7 r 97 c 8 r (network) s 6 r (num-) s 1012 247 p (ber) s 14 r (as) s 13 r (an) s 13 r (ar) s (gument.) s 22 r (Surprisingl) s -1 r 121 c 11 r (it) s 12 r (returns) s 12 r (if) s 13 r (the) s 12 r (network) s 1012 297 p (number) s 10 r (supplied) s 9 r (is) s 10 r (the) s 10 r (same) s 11 r (as) s 11 r (the) s 10 r (network) s 9 r (number) s 10 r (of) s 10 r (any) s 1012 346 p (of) s 16 r (the) s 16 r (interfaces) s 16 r (on) s 15 r (the) s 16 r (local) s 16 r (machine.) s 31 r (For) s 16 r (Class) s 16 r 65 c 15 r (ad-) s 1012 396 p (dresses) s 14 r (it) s 12 r (uses) s 13 r (the) s 13 r (Arpanet) s 12 r (IMP) s 13 r (convention) s 11 r (to) s 12 r (create) s 14 r (pos-) s 1012 446 p (sible) s 10 r (addresses) s 11 r (to) s 9 r (attack) s 10 r (\(net.[1-8].0.[1-255]\).) s 12 r (For) s 10 r (all) s 9 r (other) s 1012 496 p (networks) s 11 r (it) s 11 r (guesses) s 13 r (hosts) s 11 r (number) s 11 r (one) s 12 r (through) s 10 r (255) s 11 r (on) s 11 r (that) s 1012 546 p (network.) 
s 30 r (It) s 16 r (randomizes) s 16 r (the) s 15 r (order) s 16 r (of) s 15 r (this) s 15 r (list) s 15 r (of) s 15 r (possible) s 1012 596 p (hosts) s 13 r (and) s 14 r (tries) s 12 r (to) s 13 r (attack) s 14 r (up) s 13 r (to) s 12 r (twenty) s 13 r (of) s 13 r (them) s 13 r (using) s c-med.300 @sf 12 r (rsh) s t-rom.300 @sf 44 c c-med.300 @sf 1012 645 p (finger) s t-rom.300 @sf 44 c 11 r (and) s 10 r (SMTP) s -4 r 46 c 10 r (If) s 10 r 97 c 11 r (host) s 9 r (does) s 11 r (not) s 9 r (accept) s 11 r (connections) s 1012 695 p (on) s 11 r (TCP) s 11 r (port) s 10 r (514,) s 11 r (the) s c-med.300 @sf 11 r (rsh) s t-rom.300 @sf 11 r (port,) s t-ita.300 @sf 11 r (hn) s t-rom.300 @sf 10 r (will) s 10 r (not) s 10 r (try) s 10 r (to) s 11 r (attack) s 11 r (it.) s 1012 745 p (If) s 10 r 97 c 11 r (host) s 10 r (is) s 10 r (successfully) s 10 r (attacked) s t-ita.300 @sf 11 r (hn) s t-rom.300 @sf 10 r (returns.) s t-bol.300 @sf 1012 922 p (A.5.6) s 42 r (Usage) s t-rom.300 @sf 1012 1023 p (The) s 13 r 96 c -2 r (`h) s 11 r (routines') s -3 r 39 c 10 r (are) s 13 r (called) s 12 r (in) s 12 r (groups) s 11 r (in) s 12 r (the) s 11 r (main) s 13 r (loop;) s 11 r (if) s 1012 1073 p (the) s 13 r 174 c (rst) s 12 r (routine) s 11 r (succeeds) s 14 r (in) s 12 r 174 c (nding) s 11 r 97 c 13 r (vulnerable) s 12 r (host) s 12 r (the) s 1012 1123 p (remaining) s 11 r (routines) s 10 r (are) s 11 r (not) s 11 r (called) s 11 r (in) s 10 r (the) s 11 r (current) s 11 r (pass.) s 16 r (Each) s 1012 1173 p (routine) s 14 r (returns) s 13 r (after) s 15 r (it) s 13 r 174 c (nds) s 14 r (one) s 15 r (vulnerable) s 13 r (host.) s 26 r (The) s t-ita.300 @sf 15 r (hg) s t-rom.300 @sf 1012 1223 p (routine) s 11 r (is) s 12 r (always) s 13 r (called) s 12 r 174 c (rst,) s 13 r (which) s 12 r (indicates) s 12 r (the) s 12 r (virus) s 11 r (re-) s 1012 1272 p (ally) s 16 r (wanted) s 15 r (to) s 16 r (infect) s 15 r (gateway) s 16 r (machines.) 
s 32 r (Next) s 15 r (comes) s t-ita.300 @sf 17 r (hi) s t-rom.300 @sf 1012 1322 p (which) s 11 r (tried) s 10 r (to) s 11 r (infect) s 10 r (normal) s 11 r (hosts) s 10 r (found) s 10 r (via) s t-ita.300 @sf 11 r (cracksome) s t-rom.300 @sf 46 c 18 r (If) s t-ita.300 @sf 1012 1372 p (hi) s t-rom.300 @sf 7 r (fails,) s t-ita.300 @sf 8 r (ha) s t-rom.300 @sf 7 r (is) s 7 r (called,) s 9 r (which) s 6 r (seemed) s 9 r (to) s 7 r (try) s 6 r (breaking) s 7 r (into) s 6 r (hosts) s 1012 1422 p (with) s 14 r (randomly) s 13 r (guessed) s 15 r (addresses) s 15 r (on) s 14 r (the) s 14 r (far) s 14 r (side) s 15 r (of) s 13 r (gate-) s 1012 1472 p (ways.) s 15 r (This) s 9 r (assumes) s 11 r (that) s 9 r (all) s 9 r (the) s 10 r (addresses) s 10 r (for) s 9 r (gateways) s 11 r (had) s 1012 1521 p (been) s 13 r (obtained) s 11 r (\(which) s 12 r (is) s 12 r (not) s 11 r (trivial) s 10 r (to) s 12 r (verify) s 11 r (from) s 12 r (the) s 12 r (con-) s 1012 1571 p (voluted) s 14 r (code) s 15 r (in) s t-ita.300 @sf 14 r (rt) s 15 r (init) s t-rom.300 @sf (\),) s 15 r (and) s 15 r (implies) s 14 r (that) s 14 r (the) s 15 r (virus) s 14 r (would) s 1012 1621 p (prefer) s 14 r (to) s 12 r (infect) s 12 r 97 c 14 r (gateway) s 13 r (and) s 13 r (from) s 13 r (there) s 13 r (reach) s 13 r (out) s 12 r (to) s 13 r (the) s 1012 1671 p (gateway') s -1 r 115 c 8 r (connected) s 8 r (networks,) s 8 r (rather) s 8 r (than) s 8 r (trying) s 6 r (to) s 7 r (hop) s 8 r (the) s 1012 1721 p (gateway) s 10 r (directly) s -2 r 46 c 12 r (If) s t-ita.300 @sf 9 r (hg) s t-rom.300 @sf 44 c t-ita.300 @sf 10 r (hi) s t-rom.300 @sf 44 c 9 r (and) s t-ita.300 @sf 9 r (ha) s t-rom.300 @sf 9 r (all) s 9 r (failed) s 9 r (to) s 9 r (infect) s 9 r 97 c 10 r (host,) s 1012 1771 p (then) s t-ita.300 @sf 14 r (hl) s t-rom.300 @sf 14 r (is) s 14 r (called) s 15 r (which) s 13 r (is) s 14 r (similar) s 14 r (to) s t-ita.300 @sf 14 r (ha) s t-rom.300 @sf 14 r (but) s 13 r (uses) s 15 r (for) s 14 r (local) s 
1012 1820 p (interfaces) s 11 r (for) s 10 r 97 c 11 r (source) s 11 r (of) s 9 r (networks.) s 1054 1882 p (It) s 10 r (is) s 10 r (not) s 10 r (clear) s 11 r (that) s t-ita.300 @sf 10 r (ha) s t-rom.300 @sf 10 r (and) s t-ita.300 @sf 11 r (hl) s t-rom.300 @sf 10 r (worked.) s 14 r (Because) s t-ita.300 @sf 12 r (hn) s t-rom.300 @sf 10 r (returns) s 1012 1932 p (if) s 10 r (the) s 10 r (address) s 11 r (is) s 11 r (local,) s t-ita.300 @sf 10 r (hl) s t-rom.300 @sf 10 r (appears) s 11 r (to) s 10 r (have) s 11 r (no) s 10 r (chance) s 11 r (of) s 10 r (suc-) s 1012 1982 p (ceeding.) s 15 r (If) s 10 r (alternate) s 10 r (addresses) s 11 r (for) s 10 r (gateways) s 11 r (are) s 11 r (indeed) s 10 r (ob-) s 1012 2032 p (tained) s 12 r (by) s 11 r (other) s 11 r (parts) s 12 r (of) s 11 r (the) s 12 r (virus) s 11 r (then) s t-ita.300 @sf 11 r (ha) s t-rom.300 @sf 11 r (could) s 12 r (work.) s 17 r (But) s 1012 2082 p (if) s 10 r (only) s 9 r (the) s 9 r (addresses) s 12 r (in) s 9 r (the) s 10 r (routing) s 8 r (table) s 9 r (were) s 11 r (used) s 10 r (it) s 9 r (could) s 1012 2131 p (not) s 14 r (work,) s 16 r (since) s 15 r (by) s 14 r (de) s 174 c (nition) s 13 r (these) s 15 r (addresses) s 16 r (must) s 15 r (be) s 15 r (on) s 1012 2181 p 97 c 13 r (directly) s 11 r (connected) s 13 r (network.) s 19 r (Also,) s 12 r (in) s 12 r (our) s 11 r (monitoring) s 10 r (we) s 1012 2231 p (never) s 12 r (detected) s 12 r (an) s 11 r (attack) s 12 r (on) s 11 r 97 c 11 r (randomly) s 11 r (generated) s 12 r (address.) s 1012 2281 p (These) s 12 r (routines) s 9 r (do) s 10 r (not) s 9 r (seem) s 12 r (to) s 10 r (have) s 11 r (been) s 10 r (functional.) 
s t-bol.360 @sf 1012 2467 p (A.6) s 51 r (Attack) s 18 r 114 c (outines) s t-rom.300 @sf 1012 2568 p (There) s 11 r (are) s 11 r 97 c 11 r (collection) s 9 r (of) s 9 r (attack) s 11 r (routines,) s 9 r (all) s 10 r (of) s 9 r (which) s 10 r (try) s 9 r (to) s 1012 2617 p (obtain) s 8 r 97 c 8 r (Bourne) s 8 r (Shell) s 8 r (running) s 6 r (on) s 8 r (the) s 8 r (tar) s (geted) s 7 r (machine.) s 15 r (See) s 1012 2667 p (Appendix) s 9 r (A.7) s 10 r (for) s 9 r 97 c 10 r (description) s 8 r (of) s 9 r (the) s c-med.300 @sf 9 r (l1.c) s t-rom.300 @sf 10 r (program,) s 9 r (used) s 1012 2717 p (by) s 10 r (all) s 10 r (the) s 10 r (attack) s 11 r (routines.) s 954 2842 p (21) s @eop 22 @bop0 22 @bop1 t-bol.300 @sf -36 96 p (A.6.1) s 40 r (hu1) s t-rom.300 @sf -36 176 p (The) s t-ita.300 @sf 8 r (hu1) s t-rom.300 @sf 9 r (routine) s 8 r (is) s 8 r (called) s 10 r (by) s 8 r (the) s 9 r (Phase) s 10 r 49 c 9 r (and) s 9 r (Phase) s 11 r 51 c t-ita.300 @sf 8 r (crack-) s -36 226 p (some) s t-rom.300 @sf 9 r (subroutines.) s 13 r (Once) s 11 r 97 c 10 r (password) s 11 r (for) s 9 r (user) s 11 r (name) s 11 r (guessed) s -36 276 p (correctly) s -3 r 44 c 10 r (this) s 10 r (routine) s 10 r (is) s 11 r (called) s 11 r (with) s 10 r 97 c 12 r (host) s 10 r (name) s 12 r (read) s 12 r (from) s -36 326 p (either) s 12 r (the) s 13 r (user) s 2 r 39 c -1 r 115 c c-med.300 @sf 13 r (.forward) s t-rom.300 @sf 13 r (or) s c-med.300 @sf 13 r (.rhosts) s 14 r t-rom.300 @sf 174 c (les.) s 24 r (In) s 14 r (order) s -36 376 p (to) s 10 r (assume) s 14 r (the) s 12 r (user) s 2 r 39 c -1 r 115 c 10 r (id) s 12 r (it) s 11 r (then) s 12 r (tries) s 12 r (to) s 12 r (connect) s 12 r (to) s 12 r (the) s 12 r (local) s -36 425 p (machine') s -1 r 115 c c-med.300 @sf 7 r (rexec) s t-rom.300 @sf 9 r (server) s 9 r (using) s 8 r (the) s 9 r (guessed) s 10 r (name) s 10 r (and) s 9 r (pass-) s -36 475 p (word.) 
s 21 r (If) s 14 r (successful) s 14 r (it) s 12 r (runs) s 13 r (an) s c-med.300 @sf 14 r (rsh) s t-rom.300 @sf 13 r (to) s 13 r (the) s 13 r (tar) s (get) s 12 r (machine,) s -36 525 p (tryi) s -1 r (ng) s 7 r (to) s 9 r (execute) s 10 r 97 c 9 r (Bourne) s 9 r (Shell,) s 9 r (which) s 9 r (it) s 8 r (uses) s 10 r (to) s 8 r (send) s 10 r (over) s -36 575 p (and) s 9 r (compile) s 10 r (the) s c-med.300 @sf 10 r (l1.c) s t-rom.300 @sf 10 r (infection) s 9 r (program.) s t-bol.300 @sf -36 692 p (A.6.2) s 40 r (Hit) s 16 r (SMTP) s t-rom.300 @sf -36 772 p (This) s 9 r (routine) s 9 r (makes) s 12 r 97 c 11 r (connection) s 10 r (to) s 10 r (TCP) s 10 r (port) s 10 r (25,) s 11 r (the) s 10 r (SMTP) s -36 822 p (port) s -1 r 44 c 10 r (of) s 11 r 97 c 12 r (remote) s 12 r (machine) s 12 r (and) s 11 r (uses) s 12 r (it) s 10 r (to) s 11 r (take) s 11 r (advantage) s 12 r (of) s -36 872 p (the) s 13 r (sendmail) s 14 r (bug.) s 26 r (It) s 14 r (attempts) s 14 r (to) s 14 r (use) s 15 r (the) s 15 r (debug) s 14 r (option) s 12 r (to) s -36 922 p (make) s c-med.300 @sf 12 r (sendmail) s t-rom.300 @sf 13 r (run) s 12 r 97 c 13 r (command) s 14 r (\(the) s 13 r 96 c -2 r (`recipient') s -4 r 39 c 11 r (of) s 13 r (the) s -36 972 p (message\),) s 15 r (which) s 14 r (transfers) s 14 r (the) s c-med.300 @sf 14 r (l1.c) s t-rom.300 @sf 13 r (program) s 14 r (included) s 13 r (in) s -36 1021 p (the) s 9 r (body) s 9 r (of) s 10 r (the) s 10 r (message.) s t-bol.300 @sf -36 1139 p (A.6.3) s 40 r (Hit) s 16 r (\014nger) s t-rom.300 @sf -36 1219 p (The) s 9 r 96 c -2 r (`hit) s 7 r 174 c (nger) s 2 r 39 c -2 r 39 c 8 r (routine) s 9 r (tries) s 9 r (to) s 9 r (make) s 11 r 97 c 10 r (connection) s 9 r (to) s 9 r (TCP) s -36 1269 p (port) s 13 r (79,) s 17 r (the) s 15 r 174 c (nger) s 15 r (port,) s 16 r (of) s 15 r (the) s 16 r (remote) s 15 r (machine.) 
s 31 r (Then) s 15 r (it) s -36 1319 p (creates) s 10 r 97 c 11 r 96 c -2 r (`magic) s 9 r (packet') s -2 r 39 c 10 r (which) s 9 r (consists) s 10 r (of) s cmsy10.300 @sf 4 1370 p 15 c t-rom.300 @sf 21 r 65 c 17 r (400) s 16 r (byte) s 17 r 96 c -2 r (`runway') s -4 r 39 c 15 r (of) s 17 r 86 c -4 r (AX) s 16 r 96 c -2 r (`nop') s -4 r 39 c 15 r (instructions,) s 46 1420 p (which) s 9 r (can) s 11 r (be) s 11 r (executed) s 11 r (harmlessly) s -2 r 46 c cmsy10.300 @sf 4 1469 p 15 c t-rom.300 @sf 21 r 65 c 10 r (small) s 10 r (piece) s 10 r (of) s 10 r (code) s 10 r (which) s 10 r (executes) s 11 r 97 c 10 r (Bourne) s 10 r (Shell.) s cmsy10.300 @sf 4 1519 p 15 c t-rom.300 @sf 21 r 65 c 18 r (stack) s 18 r (frame,) s 22 r (with) s 17 r 97 c 19 r (return) s 17 r (address) s 19 r (which) s 18 r (would) s 46 1569 p (hopefully) s 8 r (point) s 9 r (into) s 9 r (the) s 10 r (code.) s 4 1620 p (Note) s 13 r (that) s 12 r (the) s 12 r (piece) s 14 r (of) s 12 r (code) s 14 r (is) s 12 r 86 c -4 r (AX) s 11 r (code,) s 15 r (and) s 13 r (the) s 12 r (stack) s -36 1670 p (frame) s 7 r (is) s 7 r 97 c 8 r 86 c -4 r (AX) s 6 r (frame,) s 9 r (in) s 7 r (the) s 7 r (wrong) s 7 r (order) s 7 r (for) s 7 r (the) s 7 r (Sun.) s 13 r (Thus,) s -36 1720 p (althou) s -1 r (gh) s 13 r (the) s 14 r (Sun) s 14 r 174 c (nger) s 15 r (daemon) s 15 r (has) s 15 r (the) s 14 r (same) s 16 r (bug) s 14 r (as) s 16 r (the) s -36 1770 p 86 c -4 r (A) s -1 r 88 c 8 r (one,) s 11 r (this) s 9 r (piece) s 11 r (of) s 10 r (code) s 11 r (cannot) s 10 r (exploit) s 9 r (it.) 
s 4 1821 p (The) s 12 r (attack) s 11 r (on) s 11 r (the) s 11 r 174 c (nger) s 11 r (daemon) s 12 r (is) s 11 r (clearly) s 11 r 97 c 11 r (lysogenetic) s -36 1871 p 96 c -2 r (`v) s -1 r (i) s -1 r (ral') s -3 r 39 c 15 r (attack) s 17 r (\(see) s 18 r (Section) s 16 r (1.2\),) s 19 r (since) s 17 r (although) s 15 r 97 c 18 r (worm) s -36 1920 p (doesn') s -1 r 116 c 14 r (modify) s 15 r (the) s 15 r (host) s 15 r (machine) s 17 r (at) s 16 r (all,) s 17 r (the) s 16 r 174 c (nger) s 15 r (attack) s -36 1970 p (does) s 10 r (modify) s 11 r (the) s 12 r (running) s 10 r 174 c (nger) s 11 r (daemon) s 12 r (process.) s 19 r (The) s 13 r 96 c -2 r (`in-) s -36 2020 p (jected) s 13 r (DNA) s -4 r 39 c -2 r 39 c 13 r (component) s 14 r (of) s 14 r (the) s 14 r (virus) s 14 r (contained) s 14 r (the) s 14 r 86 c -4 r (AX) s -36 2070 p (inst) s -1 r (ructio) s -1 r (ns) s 9 r (shown) s 9 r (in) s 10 r (Figure) s 10 r (4.) s 4 2121 p (The) s t-ita.300 @sf 19 r (execve) s t-rom.300 @sf 22 r (system) s 19 r (call) s 18 r (causes) s 20 r (the) s 19 r (current) s 18 r (process) s 19 r (to) s -36 2171 p (be) s 19 r (replaced) s 20 r (with) s 19 r (an) s 20 r (invocation) s 18 r (of) s 19 r (the) s 20 r (named) s 20 r (program;) s c-med.300 @sf -36 2221 p (/bin/sh) s t-rom.300 @sf 14 r (is) s 15 r (the) s 16 r (Bourne) s 15 r (Shell,) s 17 r 97 c 16 r (UNIX) s 16 r (command) s 17 r (inter-) s -36 2270 p (preter) s -2 r 46 c 12 r (In) s 7 r (this) s 8 r (case,) s 10 r (the) s 8 r (shell) s 8 r (winds) s 7 r (up) s 8 r (running) s 7 r (with) s 7 r (its) s 7 r (input) s -36 2320 p (coming) s 9 r (from,) s 11 r (and) s 11 r (its) s 10 r (output) s 9 r (going) s 10 r (to,) s 10 r (the) s 11 r (network) s 10 r (connec-) s -36 2370 p (tio) s -1 r (n.) s 24 r (The) s 15 r (virus) s 14 r (then) s 14 r (sends) s 14 r (over) s 14 r (the) s c-med.300 @sf 14 r (l1.c) s t-rom.300 @sf 14 r (bootstrap) s 13 r (pro-) s -36 2420 p (gram.) 
s t-bol.300 @sf -36 2537 p (A.6.4) s 40 r (Hit) s 16 r (rsh) s t-rom.300 @sf -36 2617 p (This) s 9 r (unlabeled) s 11 r (routine) s 9 r (tries) s c-med.300 @sf 11 r (rsh) s t-rom.300 @sf 10 r (to) s 11 r (the) s 10 r (tar) s (get) s 10 r (host) s 10 r (\(assum-) s -36 2667 p (ing) s 9 r (it) s 10 r (can) s 12 r (get) s 11 r (in) s 10 r (as) s 12 r (the) s 11 r (current) s 11 r (user\).) s 17 r (It) s 10 r (tries) s 11 r (three) s 11 r (dif) s (ferent) s -36 2717 p (names) s 10 r (for) s 10 r (the) s c-med.300 @sf 10 r (rsh) s t-rom.300 @sf 10 r (binary) s -2 r 44 c cmsy10.300 @sf 1054 96 p 15 c c-med.300 @sf 20 r (/usr/ucb/rsh) s cmsy10.300 @sf 1054 146 p 15 c c-med.300 @sf 20 r (/usr/bin/rsh) s cmsy10.300 @sf 1054 196 p 15 c c-med.300 @sf 20 r (/bin/rsh) s t-rom.300 @sf 1012 246 p (If) s 12 r (one) s 12 r (of) s 12 r (them) s 12 r (succeeds,) s 14 r (it) s 11 r (tries) s 12 r (to) s 11 r (resynchronize) s 12 r (\(see) s 13 r (Ap-) s 1012 295 p (pendix) s 7 r (A.8.1\)) s 9 r (the) s 7 r (connection;) s 8 r (if) s 7 r (that) s 7 r (doesn') s 116 c 7 r (succeed) s 9 r (within) s 1012 345 p (thirty) s 7 r (seconds) s 10 r (it) s 8 r (kills) s 7 r (of) s 102 c 8 r (the) s 8 r (child) s 8 r (process.) s 15 r (If) s 8 r (successful) s 10 r (the) s 1012 395 p (connection) s 8 r (can) s 8 r (then) s 8 r (be) s 8 r (used) s 8 r (to) s 7 r (launch) s 8 r (the) s c-med.300 @sf 7 r (l1.c) s t-rom.300 @sf 8 r 96 c -2 r (`grappl) s -1 r (ing) s 1012 445 p (hook') s -2 r 39 c 8 r (program) s 10 r (at) s 11 r (the) s 10 r (victim.) 
s 1054 495 p (Note) s 16 r (that) s 15 r (this) s 15 r (infection) s 15 r (method) s 16 r (doesn') s 116 c 15 r (specify) s 16 r 97 c 16 r (user) s 1012 545 p (name) s 14 r (to) s 12 r (attack;) s 13 r (if) s 12 r (it) s 12 r (gets) s 12 r (into) s 12 r (the) s 12 r (remote) s 13 r (account,) s 13 r (it) s 12 r (is) s 12 r (be-) s 1012 594 p (cause) s 9 r (the) s 7 r (user) s 7 r (that) s 6 r (the) s 7 r (virus) s 6 r (is) s 7 r (running) s 5 r (as) s 8 r (also) s 7 r (has) s 7 r (an) s 7 r (account) s 1012 644 p (on) s 10 r (the) s 10 r (other) s 10 r (machine) s 10 r (which) s 10 r (trusts) s 9 r (the) s 10 r (originatin) s -1 r 103 c 8 r (machine.) s t-bol.300 @sf 1012 755 p (A.6.5) s 42 r (Hit) s 16 r 114 c (exec) s t-rom.300 @sf 1012 833 p (The) s t-ita.300 @sf 19 r (hit) s 17 r 114 c -1 r (exec) s t-rom.300 @sf 20 r (routine) s 17 r (uses) s 19 r (the) s 18 r (remote) s 18 r (execution) s 18 r (system) s 1012 883 p (which) s 10 r (is) s 10 r (similar) s 9 r (to) s c-med.300 @sf 9 r (rsh) s t-rom.300 @sf 44 c 10 r (but) s 9 r (designed) s 10 r (for) s 9 r (use) s 11 r (by) s 9 r (programs.) s 1012 932 p (It) s 17 r (connects) s 17 r (and) s 16 r (sends) s 17 r (the) s 17 r (user) s 17 r (name,) s 19 r (the) s 17 r (password,) s 19 r (and) s c-med.300 @sf 1012 982 p (/bin/sh) s t-rom.300 @sf 10 r (as) s 11 r (the) s 10 r (command) s 11 r (to) s 10 r (execute.) s t-bol.300 @sf 1012 1093 p (A.6.6) s 42 r (makemagic) s t-rom.300 @sf 1012 1171 p (This) s 10 r (routine) s 8 r (tries) s 9 r (to) s 8 r (make) s 11 r 97 c 9 r (telnet) s 9 r (connection) s 9 r (to) s 8 r (each) s 11 r (of) s 9 r (the) s 1012 1221 p (available) s 10 r (addresses) s 10 r (for) s 9 r (the) s 9 r (current) s 9 r (victim.) 
s 13 r (It) s 9 r (broke) s 9 r (the) s 9 r (con-) s 1012 1271 p (nections) s 15 r (immediately) s -2 r 44 c 15 r (often) s 15 r (producing) s 13 r (error) s 14 r (reports) s 15 r (from) s 1012 1320 p (the) s 10 r (telnet) s 9 r (daemon,) s 11 r (which) s 9 r (were) s 10 r (recorded,) s 11 r (and) s 9 r (provide) s 9 r (some) s 1012 1370 p (of) s 10 r (the) s 11 r (earliest) s 10 r (reports) s 9 r (of) s 10 r (attack) s 11 r (attempts.) s cmr7.300 @sf 1680 1356 p (23) s t-rom.300 @sf 1054 1420 p (If) s 11 r (it) s 10 r (succeeds) s 14 r (in) s 10 r (reaching) s 12 r (the) s 11 r (host,) s 11 r (it) s 10 r (creates) s 13 r 97 c 12 r (TCP) s 11 r (lis-) s 1012 1470 p (tener) s 10 r (on) s 9 r 97 c 10 r (random) s 9 r (port) s 8 r (number) s 10 r (which) s 8 r (the) s 10 r (infected) s 9 r (machine) s 1012 1520 p (would) s 10 r (eventually) s 9 r (connect) s 10 r (back) s 11 r (to.) s t-bol.360 @sf 1012 1639 p (A.7) s 51 r (Grappling) s 17 r (Hook) s t-rom.300 @sf 1012 1717 p 65 c 14 r (short) s 12 r (program,) s 14 r (named) s c-med.300 @sf 14 r (l1.c) s t-rom.300 @sf 44 c 14 r (is) s 13 r (the) s 13 r (common) s 13 r (grappling) s 1012 1766 p (hook) s 11 r (that) s 10 r (all) s 11 r (of) s 10 r (the) s 11 r (attack) s 11 r (routines) s 10 r (use) s 12 r (to) s 10 r (pull) s 10 r (over) s 11 r (the) s 11 r (rest) s 1012 1816 p (of) s 9 r (the) s 8 r (virus.) s 13 r (It) s 8 r (is) s 8 r (robustly) s 7 r (written,) s 8 r (and) s 8 r (fairly) s 8 r (portable.) s 12 r (It) s 8 r (ran) s 1012 1866 p (on) s 11 r 97 c 10 r (number) s 11 r (of) s 10 r (machines) s 11 r (which) s 10 r (were) s 11 r (neither) s 10 r 86 c -4 r (AX) s 9 r (nor) s 10 r (Sun,) s 1012 1916 p (loading) s 11 r (them) s 11 r (down) s 11 r (as) s 12 r (well,) s 12 r (but) s 10 r (only) s 11 r (making) s 11 r (them) s 12 r (periph-) s 1012 1966 p (eral) s 11 r (victims) s 10 r (of) s 10 r (the) s 10 r (virus.) 
s 1054 2016 p (The) s 11 r 174 c (rst) s 11 r (thing) s 9 r (it) s 10 r (does) s 11 r (is) s 10 r (delete) s 11 r (the) s 11 r (binary) s 10 r (it) s 10 r (was) s 11 r (running) s 1012 2065 p (from.) s 16 r (It) s 10 r (checks) s 12 r (that) s 10 r (it) s 9 r (has) s 12 r (three) s 10 r (ar) s (guments) s 10 r (\(exiting) s 9 r (if) s 10 r (there) s 1012 2115 p (aren') s 116 c 11 r (three) s 11 r (of) s 11 r (them\).) s 17 r (It) s 11 r (closes) s 12 r (all) s 11 r 174 c (le) s 11 r (descriptors) s 11 r (and) s 11 r (then) s 1012 2165 p (forks,) s 11 r (exiting) s 9 r (if) s 10 r (the) s 10 r (fork) s 10 r (fails.) s 14 r (If) s 10 r (it) s 10 r (succeeds,) s 13 r (the) s 10 r (parent) s 10 r (ex-) s 1012 2215 p (its;) s 9 r (this) s 8 r (leaves) s 10 r (no) s 8 r (connection) s 9 r (from) s 9 r (the) s 8 r (child) s 9 r (to) s 8 r (the) s 9 r (infection) s 1012 2265 p (route.) s 1054 2315 p (Next,) s 17 r (it) s 15 r (creates) s 16 r 97 c 16 r (TCP) s 16 r (connection) s 15 r (back) s 16 r (to) s 15 r (the) s 15 r (address) s 1012 2364 p (given) s 7 r (as) s 9 r (the) s 7 r 174 c (rst) s 8 r (ar) s (gument,) s 7 r (and) s 8 r (the) s 7 r (port) s 7 r (given) s 7 r (as) s 8 r (the) s 8 r (second.) s 1012 2414 p (Then) s 16 r (it) s 15 r (sends) s 16 r (over) s 15 r (the) s 15 r (magic) s 16 r (number) s 16 r (given) s 14 r (as) s 16 r (the) s 16 r (third.) s 1012 2464 p (The) s 12 r (text) s 11 r (of) s 11 r (each) s 12 r (ar) s (gument) s 11 r (is) s 11 r (erased) s 12 r (immediately) s 11 r (after) s 11 r (it) s 11 r (is) s 1012 2514 p (used.) s 14 r (The) s 7 r (stream) s 8 r (connection) s 7 r (is) s 6 r (then) s 7 r (reused) s 8 r (as) s 7 r (the) s 7 r (program') s -1 r 115 c 1012 2564 p (standard) s 10 r (input) s 9 r (and) s 11 r (output.) 
s 1012 2600 p 390 2 ru cmr6.300 @sf 1040 2627 p (23) s t-rom.240 @sf 1072 2638 p (On) s 6 r (fast) s 6 r (machines,) s 6 r (such) s 5 r (as) s 6 r (the) s 6 r (DEC) s 6 r 86 c -3 r (AX) s 5 r (3200,) s 6 r (there) s 5 r (may) s 6 r (be) s 5 r (no) s 6 r (record) s 1012 2678 p (of) s 9 r (these) s 9 r (attacks,) s 8 r (since) s 9 r (the) s 8 r (connection) s 7 r (is) s 10 r (handed) s 7 r (of) s 102 c 8 r (fast) s 9 r (enough) s 7 r (to) s 9 r (satisfy) s 1012 2717 p (the) s 8 r (daemon.) s t-rom.300 @sf 954 2842 p (22) s @eop 23 @bop0 /Courier /c-med.240 ReEncodeForTeX /c-med.240 /c-med.240 33.208800 TeXPSmakefont def 23 @bop1 c-med.300 @sf 162 124 p (pushl) s 74 r ($68732f) s 223 r (push) s 25 r ('/sh<NUL>') s 162 174 p (pushl) s 74 r ($6e69622f) s 173 r (push) s 25 r ('/bin') s 162 224 p (movl) s 99 r (sp,r10) s 248 r (save) s 25 r (address) s 24 r (of) s 25 r (start) s 24 r (of) s 25 r (string) s 162 273 p (pushl) s 74 r ($0) s 348 r (push) s 25 r 48 c 25 r (\(arg) s 24 r 51 c 25 r (to) s 25 r (execve\)) s 162 323 p (pushl) s 74 r ($0) s 348 r (push) s 25 r 48 c 25 r (\(arg) s 24 r 50 c 25 r (to) s 25 r (execve\)) s 162 373 p (pushl) s 74 r (r10) s 323 r (push) s 25 r (string) s 24 r (addr) s 25 r (\(arg) s 24 r 49 c 25 r (to) s 25 r (execve\)) s 162 423 p (pushl) s 74 r ($3) s 348 r (push) s 25 r (argument) s 24 r (count) s 162 473 p (movl) s 99 r (sp,ap) s 273 r (set) s 25 r (argument) s 24 r (pointer) s 162 522 p (chmk) s 99 r ($3b) s 323 r (do) s 25 r ("execve") s 24 r (kernel) s 25 r (call.) s t-rom.300 @sf 556 655 p (Figure) s 10 r (4:) s 13 r 86 c -4 r (AX) s 9 r (instructions) s 8 r (for) s 10 r (the) s c-med.300 @sf 10 r (finger) s t-rom.300 @sf 10 r (attack.) s 4 789 p 65 c 15 r (loop) s 15 r (reads) s 16 r (in) s 15 r 97 c 16 r (length) s 14 r (\(as) s 16 r 97 c 16 r (network) s 14 r (byte) s 15 r (order) s 15 r (32-) s -36 839 p (bit) s 11 r (integer\)) s 13 r (and) s 14 r (then) s 13 r 97 c 14 r 174 c (lename.) 
s 26 r (The) s 14 r 174 c (le) s 14 r (is) s 13 r (unlinked) s 13 r (and) s -36 888 p (opened) s 7 r (for) s 9 r (write,) s 8 r (and) s 9 r (then) s 9 r (the) s 8 r 174 c (le) s 9 r (itself) s 8 r (is) s 9 r (read) s 9 r (in) s 8 r (\(using) s 8 r (the) s -36 938 p (number) s 12 r (of) s 14 r (bytes) s 14 r (read) s 15 r (in) s 13 r (earlier) s -1 r (.\)) s 24 r (On) s 14 r (any) s 14 r (error) s -1 r 44 c 14 r (all) s 14 r (of) s 14 r (the) s -36 988 p 174 c (les) s 9 r (are) s 11 r (unlinked.) s 13 r (If) s 10 r (the) s 10 r (length) s 9 r (read) s 10 r (in) s 10 r (is) s 10 r (-1,) s 10 r (the) s 11 r (loop) s 9 r (exits,) s -36 1038 p (and) s 9 r 97 c 11 r (Bourne) s 9 r (Shell) s 10 r (is) s 10 r (executed) s 11 r (\(replacing) s 10 r (the) s c-med.300 @sf 10 r (l1) s t-rom.300 @sf 10 r (program,) s -36 1088 p (and) s 9 r (getting) s 9 r (its) s 9 r (input) s 9 r (from) s 10 r (the) s 10 r (same) s 12 r (source.\)) s t-bol.360 @sf -36 1231 p (A.8) s 49 r (Install) s 18 r (Routines) s t-rom.300 @sf -36 1318 p (There) s 14 r (are) s 15 r 97 c 14 r (variety) s 14 r (of) s 14 r (routines) s 13 r (used) s 14 r (to) s 14 r (actually) s 13 r (move) s 15 r (the) s -36 1368 p (viru) s -1 r 115 c 13 r (from) s 14 r (one) s 14 r (machine) s 15 r (to) s 14 r (the) s 14 r (other) s -1 r 46 c 24 r (They) s 15 r (deal) s 15 r (with) s 13 r (the) s -36 1417 p 96 c -2 r (`v) s -1 r (i) s -1 r (rus) s 14 r (protocol') s -3 r 39 c 13 r (connection) s 15 r (made) s 16 r (by) s 16 r (the) s c-med.300 @sf 15 r (l1.c) s t-rom.300 @sf 15 r (injected) s -36 1467 p (progr) s -1 r (am) s 10 r (or) s 9 r (with) s 10 r (the) s 10 r (shell) s 10 r (that) s 9 r (it) s 10 r (spawns.) 

A.8.1 resynch

The resynch routine sends commands to a remote shell, requesting that it echo back a specific randomly chosen number. It then waits a certain amount of time for a response. This routine is used to indicate when the various subprograms of the infection procedure have compiled or executed and a Bourne Shell prompt is available again.

A.8.2 waithit

This routine does much of the high level work.
It waits (up to 2 minutes) for a return connection from a victim (which has had l1.c injected into it.) It then tries to read a magic number (which had been previously sent to that victim as a command line argument to the l1 program) and gives up after ten seconds.

After the connection is established, all of the current "objects" in storage in the virus are fed down the connection into the victim.
Then it tries to resynchronize, and if it succeeds, sends down commands to

  * set the PATH of the victim shell
  * try to delete sh in the current directory (/usr/tmp)
  * if the delete fails, pick a random name to use instead [footnote 24]
  * scan the list of objects, looking for names ending in .o
  * link and run each of these, with the command line arguments
      * -p $$, where $$ is the process id of the victim shell
      * each object name
  * resynchronize; if this fails, assume that the virus succeeded (since the -p option tells the virus to kill off the parent shell) and set flag bit 1 of the host list entry (the host list is detailed in section A.9).
  * delete the compiled program, and go on to the next object.

Thus, to add another machine type, the virus merely needs to be started with a new object binary as a command line option, which will then be propagated to the next infected host and tried.

Note that the path used here was PATH=bin:/usr/bin:/usr/ucb which is certainly reasonable on most systems. This protects systems with "unusual" filesystem layouts, and suggests that complete consistency among systems makes them more vulnerable.

A.9 Host modules

These are a set of routines designed to collect names and addresses of target hosts in a master list. Each entry contains up to six addresses, up to twelve names, and a flags field.

A.9.1 Name to host

This routine searches the host list for a given named host, returns the list entry describing it, and optionally adds it to the list if it isn't there already.

Footnote 24: Since the delete command used (rm -f) did not remove directories, creating a directory /usr/tmp/sh stopped the virus[26]. However, the virus would still use CPU resources attempting to link the objects, even though it couldn't write to the output file (since it was a directory).

A.9.2 Address to host

This routine searches the host list for a given host address, returns the list entry describing it, and optionally adds it to the list if it isn't there already.

A.9.3 Add address/name

These two routines added an address or a name to a host list entry, checking to make sure that the address or name was not already known.

A.9.4 Clean up table

This routine cycles through the host list, and removes any hosts which only have flag bits 1 and 2 set (and clears those bits.) Bit 1 is set when a resynchronize (in waithit) fails, probably indicating that this host "got lost". Bit 2 is set when a named host has no addresses, or when several different attack attempts fail.
Bit 3 is set when Phase 0 of the crack routines successfully retrieves an address for the host.

A.9.5 Get addresses

This routine takes an entry in the host table and tries to fill in the gaps. It looks up an address for a name it has, or looks up a name for the addresses it has. It also includes any aliases it can find.

A.10 Object routines

These routines are what the system uses to pull all of its pieces into memory when it starts (after the host has been infected) and then to retrieve them to transmit to any host it infects.

A.10.1 Load object

This routine opens a file, determines its length, allocating the appropriate amount of memory, reads it in as one block, decodes the block of memory (with XOR). If the object name contains a comma, it moves past it and starts the name there.

A.10.2 Get object by name

This routine returns a pointer to the requested object. This is used to find the pieces to download when infecting another host.

A.11 Other initialization routines

A.11.1 if init

This routine scans the array of network interfaces. It gets the flags for each interface, and makes sure the interface is UP and RUNNING (specific fields of the flag structure).
If the entry is a point to point type interface, the remote address is saved and added to the host table. It then tries to enter the router into the list of hosts to attack.

A.11.2 rt init

This routine runs netstat -r -n as a subprocess. This shows the routing table, with the addresses listed numerically. It gives up after finding 500 gateways. It skips the default route, as well as the loopback entry. It checks for redundant entries, and checks to see if this address is already an interface address. If not, it adds it to the list of gateways.

After the gateway list is collected, it shuffles it and enters the addresses in the host table.

A.12 Interlock routines

The two routines checkother and othersleep are at the heart of the excessive propagation of the virus. It is clear that the author intended for the virus to detect that a machine was already infected, and if so to skip it. The code is actually fraught with timing flaws and design errors which lead it to permit multiple infections, probably more often than the designer intended [footnote 25].

An active infection uses the othersleep routine for two purposes, first to sleep so that it doesn't use much processor time, and second to listen for requests from "incoming" viruses.
The virus which is running othersleep is referred to as the "listener" and the virus which is running checkother is referred to as the "tester".

A.12.1 Checkother

The tester tries to connect to port 23357 on the local machine (using the loopback address, 127.0.0.1) to see if it can connect to a listener. If any errors occur during this check, the virus assumes that no listener is present, and tries to become a listener itself.

If the connection is successful, the checker sends a magic number [footnote 26], and listens (for up to 300 seconds) for a magic number from the listener [footnote 27]. If the magic number is wrong, the checker assumes it is being spoofed and continues to run.

The checker then picks a random number, shifts it right by three (throwing away the lower three bits) and sends it to the listener. It expects a number back within ten seconds, which it adds to the one sent. If this sum is even, the sender increments pleasequit, which (as noted in section A.3.2) does very little.

Once it has finished communicating (or failing to communicate) with the listener, the checker sleeps for five seconds and tries to become a listener. It creates a TCP stream socket, sets the socket options to indicate that it should allow multiple binds to that address (in case the listener still hasn't exited, perhaps?) and then binds the socket to port 23357, and listens on it (permitting a backlog of up to ten pending connections.)

Footnote 25: This behavior was noted by both looking at the code and by creating a testbed setup, manually running a program that performs the checking and listening functions.

Footnote 26: 874697 (base 16), 8865431 (base 10), 041643227 (base 8)

Footnote 27: 148898 (base 16), 1345688 (base 10), 05104230 (base 8)

A.12.2 Othersleep

The othersleep routine is run when the main body of the virus wants to idle for a period of time. This was apparently intended to help the virus "hide" so that it wouldn't use enough processor time to be noticed. While the main program sleeps, the listener code waits to see if any checkers have appeared and queried for the existence of a listener, as a simple "background task" of the main virus.

The routine first checks to see if it has been set up as a listener; if not, it calls the normal sleep function to sleep for the requested number of seconds, and returns.

If it is set up as a listener, it listens on the checking port with a timeout. If it times out, it returns, otherwise it deals with the connection and subtracts the elapsed real time from the time out value.

The body of the listener "accepts" the connection, and sends a magic number to the checker. It then listens (for up to 10 seconds) for the checker's magic number, and picks a random number. It shifts the random number right by three, discarding the lower bits, and sends it up to the checker; it then listens (for up to 10 seconds) for a random number from the checker. If any of these steps fail, the connection is closed and the checker is ignored.
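
The checker/listener exchange of A.12.1 and A.12.2, including the loopback and parity checks that close A.12.2, modelled as an added example (not code from the paper or from the virus). Socket errors and timeouts are reduced to inputs, the function and field names are hypothetical, and treating a wrong checker magic number as a failed listener step is an assumption.

```python
from dataclasses import dataclass

CHECKER_MAGIC = 0x874697    # footnote 26: magic number the checker sends
LISTENER_MAGIC = 0x148898   # footnote 27: magic number the listener sends
LOOPBACK = "127.0.0.1"      # address the tester connects to (port 23357)


@dataclass(frozen=True)
class Result:
    checker_quit: bool      # checker incremented pleasequit
    listener_quit: bool     # listener incremented pleasequit
    reason: str


def interlock(checker_rand, listener_rand, *, connect_ok=True,
              magic_from_checker=CHECKER_MAGIC,
              magic_from_listener=LISTENER_MAGIC,
              peer_addr=LOOPBACK):
    """Model one exchange and report which copy asks itself to quit."""
    # A.12.1: any error while connecting means "no listener is present".
    if not connect_ok:
        return Result(False, False, "connect failed: checker becomes a listener")
    # A.12.1: a wrong magic number from the listener is treated as spoofing.
    if magic_from_listener != LISTENER_MAGIC:
        return Result(False, False, "checker assumes spoofing, continues to run")
    # A.12.2: a failed step closes the connection (assumption: a wrong checker
    # magic is such a step, and the checker then gets no number to add).
    if magic_from_checker != CHECKER_MAGIC:
        return Result(False, False, "listener closes connection, ignores checker")

    # Both sides shift right by three before sending, so the low bits of the
    # random numbers never influence the decision.
    total = (checker_rand >> 3) + (listener_rand >> 3)

    checker_quit = total % 2 == 0
    # The listener acts only on connections that come from the loopback address.
    listener_quit = total % 2 == 1 and peer_addr == LOOPBACK
    if peer_addr != LOOPBACK:
        reason = "listener ignores a non-loopback peer"
    elif checker_quit:
        reason = "sum even: checker increments pleasequit"
    else:
        reason = "sum odd: listener increments pleasequit"
    return Result(checker_quit, listener_quit, reason)


def tally(pairs, **conditions):
    """Count exchanges that end with 0, 1 or 2 copies asking to quit."""
    counts = {0: 0, 1: 0, 2: 0}
    for checker_rand, listener_rand in pairs:
        r = interlock(checker_rand, listener_rand, **conditions)
        counts[int(r.checker_quit) + int(r.listener_quit)] += 1
    return counts


if __name__ == "__main__":
    pairs = [(c, l) for c in range(64) for l in range(64)]  # constructed inputs
    print("clean exchange      :", tally(pairs))
    print("connect error       :", tally(pairs, connect_ok=False))
    print("wrong listener magic:", tally(pairs, magic_from_listener=0))
    print(interlock(8, 16, peer_addr="192.0.2.7").reason)
```

In this model a completed loopback exchange always selects exactly one copy, while every error path leaves both copies running.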

Once the exchanges have occurred, the address of the incoming connection is compared with the loopback address. If it is not from the loopback address, the attempt is ignored. If it is, then if the sum of the exchanged random numbers is odd, the listener increments pleasequit (with little effect, as noted in section A.3.2) and closes the listener connection.

B Built in dictionary

432 words were included:

    aaa             academia        aerobics
    airplane        albany          albatross
    albert          alex            alexander
    algebra         aliases         alphabet
    ama             amorphous       analog
    anchor          andromache      animals
    answer          anthropogenic   anvils
    anything        aria            ariadne
    arrow           arthur          athena
    atmosphere      aztecs          azure
    bacchus         bailey          banana
    bananas         bandit          banks
    barber          baritone        bass
    bassoon         batman          beater
    beauty          beethoven       beloved
    benz            beowulf         berkeley
    berliner        beryl           beverly
    bicameral       bob             brenda
    brian           bridget         broadway
    bumbling        burgess         campanile
    cantor          cardinal        carmen
    carolina        caroline        cascades
    castle          cat             cayuga
    celtics         cerulean        change
    charles         charming        charon
    chester         cigar           classic
    clusters        coffee          coke
    collins         commrades       computer
    condo           cookie          cooper
    cornelius       couscous        creation
    creosote        cretin          daemon
    dancer          daniel          danny
    dave            december        defoe
    deluge          desperate       develop
    dieter          digital         discovery
    disney          dog             drought
    duncan          eager           easier
    edges           edinburgh       edwin
    edwina          egghead         eiderdown
    eileen          einstein        elephant
    elizabeth       ellen           emerald
    engine          engineer        enterprise
    enzyme          ersatz          establish
    estate          euclid          evelyn
    extension       fairway         felicia
    fender          fermat          fidelity
    finite          fishers         flakes
    float           flower          flowers
    foolproof       football        foresight
    format          forsythe        fourier
    fred            friend          frighten
    fun             fungible        gabriel
    gardner         garfield        gauss
    george          gertrude        ginger
    glacier         gnu             golfer
    gorgeous        gorges          gosling
    gouge           graham          gryphon
    guest           guitar          gumption
    guntis          hacker          hamlet
    handily         happening       harmony
    harold          harvey          hebrides
    heinlein        hello           help
    herbert         hiawatha        hibernia
    honey           horse           horus
    hutchins        imbroglio       imperial
    include         ingres          inna
    innocuous       irishman        isis
    japan           jessica         jester
    jixian          johnny          joseph
    joshua          judith          juggle
    julia           kathleen        kermit
    kernel          kirkland        knight
    ladle           lambda          lamination
    larkin          larry           lazarus
    lebesgue        lee             leland
    leroy           lewis           light
    lisa            louis           lynne
    macintosh       mack            maggot
    magic           malcolm         mark
    markus          marty           marvin
    master          maurice         mellon
    merlin          mets            michael
    michelle        mike            minimum
    minsky          moguls          moose
    morley          mozart          nancy
    napoleon        nepenthe        ness
    network         newton          next
    noxious         nutrition       nyquist
    oceanography    ocelot          olivetti
    olivia          oracle          orca
    orwell          osiris          outlaw
    oxford          pacific         painless
    pakistan        pam             papers
    password        patricia        penguin
    peoria          percolate       persimmon
    persona         pete            peter
    philip          phoenix         pierre
    pizza           plover          plymouth
    polynomial      pondering       pork
    poster          praise          precious
    prelude         prince          princeton
    protect         protozoa        pumpkin
    puneet          puppet          rabbit
    rachmaninoff    rainbow         raindrop
    raleigh         random          rascal
    really          rebecca         remote
    rick            ripple          robotics
    rochester       rolex
132 r (romano) s 106 2480 p (ronald) s 176 r (rosebud) s 86 r (rosemary) s 106 2530 p (roses) s 198 r (ruben) s 123 r (rules) s 106 2580 p (ruth) s 215 r (sal) s 172 r (saxon) s 106 2630 p (scamper) s 146 r (scheme) s 95 r (scott) s 106 2680 p (scotty) s 183 r (secret) s 122 r (sensor) s 1159 89 p (serenity) s 81 r (sharks) s 162 r (sharon) s 1159 139 p (shef) s 174 c (eld) s 70 r (sheldon) s 138 r (shiva) s 1159 189 p (shivers) s 95 r (shuttle) s 156 r (signature) s 1159 239 p (simon) s 111 r (simple) s 157 r (singer) s 1159 289 p (single) s 113 r (smile) s 178 r (smiles) s 1159 339 p (smooch) s 84 r (smother) s 134 r (snatch) s 1159 388 p (snoopy) s 92 r (soap) s 192 r (socrates) s 1159 438 p (sossina) s 93 r (sparrows) s 118 r (spit) s 1159 488 p (spring) s 108 r (springer) s 131 r (squires) s 1159 538 p (strangle) s 81 r (stratford) s 126 r (stuttgart) s 1159 588 p (subway) s 86 r (success) s 145 r (summer) s 1159 637 p (super) s 123 r (superstage) s 93 r (support) s 1159 687 p (supported) s 48 r (surfer) s 171 r (suzanne) s 1159 737 p (swearer) s 85 r (symmetry) s 102 r (tangerine) s 1159 787 p (tape) s 144 r (tar) s (get) s 173 r (tarragon) s 1159 837 p (taylor) s 115 r (telephone) s 106 r (temptation) s 1159 886 p (thailand) s 78 r (tiger) s 191 r (toggle) s 1159 936 p (tomato) s 97 r (topography) s 77 r (tortoise) s 1159 986 p (toyota) s 108 r (trails) s 184 r (trivial) s 1159 1036 p (trombone) s 53 r (tubas) s 180 r (tuttle) s 1159 1086 p (umesh) s 105 r (unhappy) s 124 r (unicorn) s 1159 1136 p (unknown) s 57 r (urchin) s 161 r (utility) s 1159 1185 p (vasant) s 107 r (vertigo) s 149 r (vicky) s 1159 1235 p (village) s 99 r (vir) s (gini) s -1 r 97 c 138 r (warren) s 1159 1285 p (water) s 121 r (weenie) s 151 r (whatnot) s 1159 1335 p (whiting) s 84 r (whitney) s 133 r (will) s 1159 1385 p (william) s 85 r (williamsbur) s 103 c 47 r (willie) s 1159 1434 p (winston) s 80 r (wisconsin) s 101 r (wizard) s 1159 1484 p (wombat) s 79 r (woodwind) s 91 r 
(wormwood) s 1159 1534 p (yacov) s 114 r (yang) s 187 r (yellowstone) s 1159 1584 p (yosemite) s 63 r (zap) s 211 r (zimmerman) s t-bol.420 @sf 1012 1716 p 67 c 59 r (Cast) s 22 r (of) s 22 r (Characters) s t-rom.300 @sf 1012 1812 p (This) s 14 r (is) s 14 r (an) s 14 r (alphabetical) s 13 r (list) s 12 r (of) s 14 r (all) s 13 r (the) s 14 r (people) s 13 r (mentioned) s 13 r (in) s 1012 1861 p (section) s 10 r (3,) s 11 r (their) s 9 r (network) s 10 r (addresses,) s 12 r (and) s 10 r (af) s 174 c (liations.) s 1012 1963 p (Don) s 10 r (Alvarez) s cmmi10.300 @sf 11 r 60 c t-rom.300 @sf (boomer@space.mit.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf 1012 2012 p (MIT) s 11 r (Center) s 10 r (for) s 10 r (Space) s 11 r (Research) s 1012 2113 p (Richard) s 10 r (Basch) s cmmi10.300 @sf 11 r 60 c t-rom.300 @sf (probe@athena.mit.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf 1012 2163 p (MIT) s 11 r (Athena) s 10 r (and) s 11 r (SIPB) s 1012 2264 p (Don) s 10 r (Becker) s cmmi10.300 @sf 11 r 60 c t-rom.300 @sf (becker@trantor) s -1 r (.harris-atd.com) s cmmi10.300 @sf 62 c t-rom.300 @sf 1012 2314 p (Harris) s 11 r (Corporatio) s -1 r 110 c 9 r (and) s 10 r (MIT) s 10 r (SIPB.) 
s 1012 2415 p (Matt) s 10 r (Bishop) s cmmi10.300 @sf 9 r 60 c t-rom.300 @sf (bishop@bear) s -1 r (.dartmouth.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf 1012 2465 p (Dartmouth) s 10 r (University) s 1012 2566 p (Hal) s 11 r (Birkeland) s cmmi10.300 @sf 9 r 60 c t-rom.300 @sf (hkbirke@athena.mit.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf 1012 2616 p (MIT) s 11 r (Media) s 10 r (Laboratory) s 1012 2717 p (Keith) s 10 r (Bostic) s cmmi10.300 @sf 10 r 60 c t-rom.300 @sf (bostic@okeef) s (fe.berkeley) s -2 r (.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf 954 2842 p (26) s @eop 27 @bop0 27 @bop1 t-rom.300 @sf -36 96 p (Universi) s -1 r (ty) s 8 r (of) s 10 r (California,) s 9 r (Berkeley) s -36 198 p (Russell) s 8 r (Brand) s cmmi10.300 @sf 10 r 60 c t-rom.300 @sf (brand@lll-cr) s (g.ll) s -1 r (nl) s -1 r (.gov) s cmmi10.300 @sf 62 c t-rom.300 @sf -36 247 p (Lawrence) s 11 r (Livermore) s 10 r (National) s 9 r (Laboratory) s -36 349 p (James) s 10 r (D.) s 11 r (Bruce) s cmmi10.300 @sf 11 r 60 c t-rom.300 @sf (jdb@delphi.mit.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf -36 399 p (MIT) s 9 r (Information) s 9 r (Systems) s -36 500 p (John) s 8 r (Bruner) s cmmi10.300 @sf 10 r 60 c t-rom.300 @sf (jdb@mordor) s -2 r (.s1.gov) s cmmi10.300 @sf 62 c t-rom.300 @sf -36 550 p (Lawrence) s 11 r (Livermore) s 10 r (National) s 9 r (Laboratory) s -36 651 p (Liudvi) s -1 r (kas) s 9 r (Bukys) s cmmi10.300 @sf 9 r 60 c t-rom.300 @sf (bukys@cs.rochester) s -1 r (.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf -36 701 p (Universi) s -1 r (ty) s 8 r (of) s 10 r (Rochester) s -36 802 p (Chuck) s 8 r (Cole) s cmmi10.300 @sf 10 r 60 c t-rom.300 @sf (cole@lll-cr) s (g.llnl) s -1 r (.gov) s cmmi10.300 @sf 62 c t-rom.300 @sf -36 852 p (Lawrence) s 11 r (Livermore) s 10 r (National) s 9 r (Laboratory) s -36 954 p (Pascal) s 10 r (Chesnais) s cmmi10.300 @sf 10 r 60 c t-rom.300 @sf (lacsap@media-lab.me) s 1 r (dia.mit.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf -36 1004 p (MIT) s 9 r (Media) s 10 r (Laboratory) s 
-36 1105 p (Jean) s 10 r (Diaz) s cmmi10.300 @sf 10 r 60 c t-rom.300 @sf (ambar@athena.m) s 1 r (it.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf -36 1155 p (Oracle) s 10 r (Corporatio) s -1 r 110 c 8 r (and) s 11 r (MIT) s 10 r (SIPB) s -36 1256 p (Dave) s 9 r (Edwards) s cmmi10.300 @sf 11 r 60 c t-rom.300 @sf (dle@sri.com) s cmmi10.300 @sf 62 c t-rom.300 @sf -36 1306 p (SRI,) s 9 r (International) s -36 1407 p (Mark) s 9 r (Eichin) s cmmi10.300 @sf 10 r 60 c t-rom.300 @sf (eichin@athena.mit.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf -36 1457 p (MIT) s 9 r (Athena) s 10 r (and) s 11 r (SIPB) s -36 1559 p (Kent) s 9 r (England) s cmmi10.300 @sf 9 r 60 c t-rom.300 @sf (kwe@bu-cs.bu.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf -36 1609 p (Bosto) s -1 r 110 c 9 r (University) s -36 1710 p (Paul) s 9 r (Flaherty) s cmmi10.300 @sf 9 r 60 c t-rom.300 @sf (paulf@jessica.stanford.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf -36 1760 p (Stanford) s 8 r (University) s -36 1861 p (Jim) s 9 r (Fulton) s cmmi10.300 @sf 9 r 60 c t-rom.300 @sf (jim@expo.lcs.mit.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf -36 1911 p (MIT) s 9 r 88 c 10 r (Consortium) s -36 2012 p (Robert) s 8 r (French) s cmmi10.300 @sf 11 r 60 c t-rom.300 @sf (rfrench@athena.mit.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf -36 2062 p (MIT) s 9 r (SIPB) s 10 r (and) s 10 r (Project) s 10 r (Athena) s -36 2164 p (Dan) s 9 r (Geer) s cmmi10.300 @sf 11 r 60 c t-rom.300 @sf (geer@athena.mit.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf -36 2213 p (MIT) s 9 r (Project) s 10 r (Athena) s -36 2315 p (Paul) s 9 r (Graham) s cmmi10.300 @sf 11 r 60 c t-rom.300 @sf (pg@harvard.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf -36 2365 p (Harvard) s 9 r (University) s -36 2466 p (Chri) s -1 r 115 c 9 r (Hanson) s cmmi10.300 @sf 10 r 60 c t-rom.300 @sf (cph@zurich.ai.mit.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf -36 2516 p (MIT) s 9 r (AI) s 10 r (Laboratory) s -36 2617 p (Ser) s (gi) s -1 r 111 c 9 r (Heker) s cmmi10.300 @sf 10 r 60 c t-rom.300 @sf 
(heker@jvnca.csc.) s 1 r (or) s 103 c cmmi10.300 @sf 62 c t-rom.300 @sf -36 2667 p (John) s 8 r 86 c -4 r (on) s 9 r (Neumann) s 11 r (National) s 9 r (Supercomputer) s 10 r (Center) s 1012 96 p (Ray) s 11 r (Hirschfeld) s cmmi10.300 @sf 9 r 60 c t-rom.300 @sf (ray@math.mit.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf 1012 146 p (MIT) s 11 r (Math) s 10 r (Department/AI) s 10 r (Laboratory) s 1012 247 p (Ron) s 10 r (Hof) s (fmann) s cmmi10.300 @sf 9 r 60 c t-rom.300 @sf (hof) s (fmann@bitsy) s -3 r (.mit.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf 1012 297 p (MIT) s 11 r 84 c -2 r (elecommunications) s 10 r (Network) s 9 r (Group) s 1012 399 p (Jon) s 11 r (Kamens) s cmmi10.300 @sf 11 r 60 c t-rom.300 @sf (jik@athena.mit.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf 1012 448 p (MIT) s 11 r (Project) s 10 r (Athena) s 10 r (and) s 10 r (SIPB) s 1012 550 p (Mike) s 10 r (Karels) s cmmi10.300 @sf 11 r 60 c t-rom.300 @sf (karels@ucbarpa.berkeley) s -2 r (.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf 1012 600 p (University) s 9 r (of) s 10 r (California,) s 9 r (Berkeley) s 1012 701 p (John) s 10 r (Kohl) s cmmi10.300 @sf 10 r 60 c t-rom.300 @sf (jtkohl@athena.mit.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf 1012 751 p (Digital) s 9 r (Equipment) s 10 r (Corporation) s -1 r 44 c 9 r (MIT) s 11 r (Athena) s 10 r (and) s 10 r (SIPB) s 1012 852 p (Rich) s 10 r (Kulawiec) s cmmi10.300 @sf 11 r 60 c t-rom.300 @sf (rsk@mace.cc) s 1 r (.purdue.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf 1012 902 p (Purdue) s 1012 1004 p (Phil) s 10 r (Lapsley) s cmmi10.300 @sf 11 r 60 c t-rom.300 @sf (phil@berkeley) s -2 r (.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf 1012 1053 p (University) s 9 r (of) s 10 r (California,) s 9 r (Berkeley) s 1012 1155 p (Milo) s 10 r (Medin) s cmmi10.300 @sf 9 r 60 c t-rom.300 @sf (medin@nsipo.nasa.gov) s cmmi10.300 @sf 62 c t-rom.300 @sf 1012 1205 p (NASA) s 11 r (Ames) s 1012 1306 p (Steve) s 11 r (Miller) s cmmi10.300 @sf 9 r 60 c t-rom.300 @sf (steve@umiacs.umd.e) s 1 r (du) s 
cmmi10.300 @sf 62 c t-rom.300 @sf 1012 1356 p (University) s 9 r (of) s 10 r (Maryland) s 1012 1457 p (Russ) s 11 r (Mundy) s cmmi10.300 @sf 9 r 60 c t-rom.300 @sf (mundy@beast.ddn.mil) s cmmi10.300 @sf 62 c t-rom.300 @sf 1012 1507 p (Defense) s 12 r (Communications) s 9 r (Agency) s 1012 1609 p (Mike) s 10 r (Muuss) s cmmi10.300 @sf 11 r 60 c t-rom.300 @sf (mike@brl.mil) s cmmi10.300 @sf 62 c t-rom.300 @sf 1012 1658 p (Ballistic) s 9 r (Research) s 12 r (Laboratory) s 1012 1760 p (Eugene) s 11 r (Myers) s cmmi10.300 @sf 11 r 60 c t-rom.300 @sf (EDMyers@dockmaster) s -1 r (.arpa) s cmmi10.300 @sf 62 c t-rom.300 @sf 1012 1810 p (National) s 10 r (Computer) s 9 r (Security) s 10 r (Center) s 1012 1911 p (Peter) s 11 r (Neumann) s cmmi10.300 @sf 11 r 60 c t-rom.300 @sf (neumann@csl.sri.com) s cmmi10.300 @sf 62 c t-rom.300 @sf 1012 1961 p (SRI) s 10 r (International) s 1012 2062 p (Mike) s 10 r (Patton) s cmmi10.300 @sf 10 r 60 c t-rom.300 @sf (map@lcs.mit.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf 1012 2112 p (MIT) s 11 r (LCS) s 1012 2213 p (Kurt) s 10 r (Pires) s cmmi10.300 @sf 10 r 60 c t-rom.300 @sf (kjpires@berkeley) s -2 r (.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf 1012 2263 p (University) s 9 r (of) s 10 r (California,) s 9 r (Berkeley) s 1012 2365 p (Mark) s 11 r (Reinhold) s cmmi10.300 @sf 8 r 60 c t-rom.300 @sf (mbr@lcs.mit.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf 1012 2415 p (MIT) s 11 r (Laboratory) s 10 r (of) s 10 r (Computer) s 9 r (Science) s 1012 2516 p (Jon) s 11 r (Rochlis) s cmmi10.300 @sf 9 r 60 c t-rom.300 @sf (jon@bitsy) s -3 r (.mit.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf 1012 2566 p (MIT) s 11 r 84 c -2 r (elecommunications) s 10 r (Network) s 9 r (Group) s 10 r (and) s 10 r (SIPB) s 1012 2667 p (Miek) s 10 r (Rowan) s cmmi10.300 @sf 10 r 60 c t-rom.300 @sf (mtr@mace.) s 1 r (cc.) 
s 1 r (purdue.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf 1012 2717 p (Purdue) s 10 r (University) s 954 2842 p (27) s @eop 28 @bop0 28 @bop1 t-rom.300 @sf -36 149 p (Jerry) s 9 r (Saltzer) s cmmi10.300 @sf 11 r 60 c t-rom.300 @sf (Saltzer@athena.mit.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf -36 198 p (MIT) s 9 r (Laboratory) s 10 r (of) s 10 r (Computer) s 9 r (Science) s 12 r (and) s 10 r (Project) s 10 r (Athena) s -36 301 p (Jef) s 102 c 8 r (Schiller) s cmmi10.300 @sf 10 r 60 c t-rom.300 @sf (jis@bitsy) s -2 r (.mit) s -1 r (.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf -36 350 p (MIT) s 18 r 84 c -2 r (elecommunications) s 19 r (Network) s 18 r (Group,) s 22 r (Athena,) s 22 r (and) s -36 400 p (SIPB) s -36 502 p (Mike) s 9 r (Shanzer) s cmmi10.300 @sf 11 r 60 c t-rom.300 @sf (shanzer@athena.mit.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf -36 552 p (MIT) s 9 r (Project) s 10 r (Athena) s -36 655 p 84 c (im) s 8 r (Shepard) s cmmi10.300 @sf 10 r 60 c t-rom.300 @sf (shep@ptt.lcs.mit.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf -36 704 p (MIT) s 9 r (Laboratory) s 10 r (of) s 10 r (Computer) s 9 r (Science) s -36 807 p (Bil) s -1 r 108 c 8 r (Sommerfeld) s cmmi10.300 @sf 11 r 60 c t-rom.300 @sf (wesommer@athena.mit.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf -36 856 p (Apoll) s -1 r 111 c 8 r (Computer) s -1 r 44 c 9 r (MIT) s 11 r (Athena) s 10 r (and) s 10 r (SIPB) s -36 959 p (Gene) s 9 r (Spaf) s (ford) s cmmi10.300 @sf 9 r 60 c t-rom.300 @sf (spaf@cs.purdue.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf -36 1008 p (Purdue) s 8 r (University) s -36 1111 p (Mike) s 9 r (Spitzer) s cmmi10.300 @sf 9 r 60 c t-rom.300 @sf (mjs@mentor) s -1 r (.cc.purdue.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf -36 1161 p (Purdue) s 8 r (University) s -36 1263 p (Cli) s -1 r 102 c -1 r 102 c 9 r (Stoll) s cmmi10.300 @sf 8 r 60 c t-rom.300 @sf (clif) s (f@cfa200.harvard.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf -36 1313 p (Harvard) s 9 r (University) s -36 1415 p (Andy) s 8 r (Sudduth) s cmmi10.300 @sf 9 r 
60 c t-rom.300 @sf (sudduth@harvard.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf -36 1465 p (Harvard) s 9 r (University) s -36 1567 p 84 c -2 r (ed) s 9 r 84 c -2 r (s'o) s cmmi10.300 @sf 9 r 60 c t-rom.300 @sf (tytso@athena.mit.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf -36 1617 p (MIT) s 9 r (Athena) s 10 r (and) s 11 r (SIPB) s -36 1719 p (Edward) s 9 r 87 c -2 r (ang) s cmmi10.300 @sf 9 r 60 c t-rom.300 @sf (edward@berkeley) s -2 r (.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf -36 1769 p (Universi) s -1 r (ty) s 8 r (of) s 10 r (California,) s 9 r (Berkeley) s -36 1871 p (Peter) s 9 r 89 c -3 r (ee) s cmmi10.300 @sf 10 r 60 c t-rom.300 @sf (yee@ame) s 1 r (s.arc) s 1 r (.nasa) s 1 r (.gov) s cmmi10.300 @sf 62 c t-rom.300 @sf -36 1921 p (NASA) s 9 r (Ames) s -36 2023 p (Stan) s 9 r (Zanarotti) s cmmi10.300 @sf 9 r 60 c t-rom.300 @sf (srz@lcs.mit.edu) s cmmi10.300 @sf 62 c t-rom.300 @sf -36 2073 p (MIT) s 9 r (Laboratory) s 10 r (of) s 10 r (Computer) s 9 r (Science) s 12 r (and) s 10 r (SIPB) s t-bol.420 @sf -36 2277 p (Refer) s -1 r (ences) s t-rom.300 @sf -16 2374 p ([1]) s 19 r (R.) s 10 r (Hinden,) s 9 r (J.) s 10 r (Haverty) s -2 r 44 c 9 r (and) s 9 r (A.) s 10 r (Sheltzer) s -1 r 44 c 9 r 96 c -2 r (`The) s 9 r (DARP) s -3 r 65 c 52 2424 p (Internet:) s 30 r (Interconnecting) s 18 r (Heterogeneous) s 18 r (Computer) s 52 2474 p (Networks) s 16 r (with) s 16 r (Gateways,') s -2 r 39 c t-ita.300 @sf 18 r (IEEE) s 17 r (Computer) s 16 r (Maga-) s 52 2524 p (zine) s t-rom.300 @sf 44 c 11 r (vol.) s 10 r (16,) s 10 r (num.) s 11 r (9,) s 10 r (pp.) s 10 r (38) s 177 c (48,) s 10 r (September) s 11 r (1983.) s -16 2617 p ([2]) s 19 r (J.) s 14 r (S.) s 14 r (Quarterman) s 13 r (and) s 13 r (J.) s 14 r (C.) s 13 r (Hoskins,) s 13 r 96 c -2 r (`Notabl) s -1 r 101 c 12 r (Com-) s 52 2667 p (puter) s 18 r (Networks,') s -2 r 39 c 18 r (in) s t-ita.300 @sf 17 r (Communicati) s -1 r (ons) s 16 r (of) s 17 r (the) s 17 r (ACM) s t-rom.300 @sf 44 c 52 2717 p (vol.) 
s 10 r (29,) s 10 r (num.) s 11 r (10,) s 10 r (pp.) s 11 r (932) s 177 c (971,) s 9 r (October) s 10 r (1986.) s 1033 96 p ([3]) s 20 r (S.) s 11 r (E.) s 10 r (Luria,) s 10 r (S.) s 11 r (J.) s 10 r (Gould,) s 9 r (and) s 10 r (S.) s 10 r (Singer) s -1 r 44 c t-ita.300 @sf 9 r 65 c 11 r 86 c -2 r (iew) s 8 r (of) s 9 r (Life) s t-rom.300 @sf 46 c 1102 146 p (Menlo) s 16 r (Park,) s 19 r (California:) s 23 r (Benjamin/Cummings) s 15 r (Pub-) s 1102 196 p (lishing) s 9 r (Company) s -2 r 44 c 9 r (Inc.,) s 11 r (1981.) s 1033 280 p ([4]) s 20 r (J.) s 22 r 87 c -2 r (atson) s t-ita.300 @sf 19 r (et) s 21 r (al.) s t-rom.300 @sf 44 c t-ita.300 @sf 23 r (Molecular) s 20 r (Biology) s 20 r (of) s 20 r (the) s 20 r (Gene) s t-rom.300 @sf 46 c 1102 330 p (Menlo) s 16 r (Park,) s 19 r (California:) s 23 r (Benjamin/Cummings) s 15 r (Pub-) s 1102 379 p (lishing) s 9 r (Company) s -2 r 44 c 9 r (Inc.,) s 11 r (1987.) s 1033 463 p ([5]) s 20 r (G.) s 11 r (G.) s 10 r (Simpson) s 9 r (and) s 10 r 87 c -3 r 46 c 10 r (S.) s 11 r (Beck,) s t-ita.300 @sf 10 r (Life:) s 13 r (An) s 10 r (Intr) s -1 r (oduction) s 1102 513 p (to) s 13 r (Biology) s t-rom.300 @sf 46 c 27 r (New) s 14 r 89 c -3 r (ork,) s 13 r (New) s 14 r 89 c -3 r (ork:) s 18 r (Harcourt,) s 15 r (Brace) s 1102 563 p (and) s 11 r 87 c -2 r (ard,) s 9 r (Inc.,) s 11 r (1965.) s 1033 647 p ([6]) s 20 r (L.) s 25 r (Castro) s t-ita.300 @sf 24 r (et) s 24 r (al.) s t-rom.300 @sf 44 c 28 r 96 c -2 r (`Post) s 22 r (Mortem) s 24 r (of) s 24 r 51 c 24 r (November) s 1102 697 p (ARP) s -3 r (ANET/MILNET) s 25 r (Attack.') s -2 r 39 c 24 r (National) s 23 r (Computer) s 1102 747 p (Security) s 10 r (Center) s -1 r 44 c 10 r (Ft.) s 10 r (Meade) s 12 r (MD,) s 10 r 56 c 10 r (November) s 11 r (1988.) s 1033 831 p ([7]) s 20 r 80 c -4 r 46 c 10 r (J.) 
s 11 r (Denning,) s 10 r 96 c -2 r (`Comput) s -1 r (er) s 9 r 86 c -1 r (ir) s -1 r (uses,') s -2 r 39 c t-ita.300 @sf 8 r (American) s 11 r (Scien-) s 1102 881 p (tist) s t-rom.300 @sf 44 c 10 r (vol.) s 10 r (766,) s 10 r (pp.) s 10 r (236) s 177 c (238,) s 9 r (May-June) s 10 r (1988.) s 1033 965 p ([8]) s 20 r (D.) s 9 r (Seeley) s -2 r 44 c 9 r 96 c -2 r (`A) s 6 r 84 c -2 r (our) s 7 r (of) s 8 r (the) s 8 r 87 c -2 r (orm,') s -3 r 39 c 7 r (in) s t-ita.300 @sf 7 r (USENIX) s 8 r (Associ-) s 1102 1014 p (ation) s 10 r 87 c -1 r (i) s -1 r (nter) s 9 r (Confer) s -1 r (ence) s 11 r (1989) s 9 r (Pr) s -1 r (oceedings) s t-rom.300 @sf 44 c 12 r (pp.) s 10 r (287) s 177 c 1102 1064 p (304,) s 10 r (January) s 11 r (1989.) s 1033 1148 p ([9]) s 20 r (E.) s 18 r (H.) s 17 r (Spaf) s (ford,) s 17 r 96 c -2 r (`The) s 16 r (Internet) s 15 r 87 c -2 r (orm) s 16 r (Program:) s 26 r (An) s 1102 1198 p (Analysis,') s -2 r 39 c t-ita.300 @sf 9 r (ACM) s 10 r (SIGCOM) s t-rom.300 @sf 44 c 10 r (vol.) s 9 r (19,) s 11 r (January) s 10 r (1989.) s 1012 1282 p ([10]) s 20 r (K.) s 22 r (Harrenstien,) s 24 r 96 c -2 r (`NAME/FINGER) s 20 r (Protocol) s 20 r (Proto-) s 1102 1332 p (col,') s -2 r 39 c 8 r (Request) s 7 r (For) s 8 r (Comments) s 8 r (NIC/RFC) s 6 r (742,) s 8 r (Network) s 1102 1382 p 87 c -2 r (orking) s 8 r (Group,) s 10 r (USC) s 10 r (ISI,) s 10 r (November) s 11 r (1977.) s 1014 1466 p ([1) s -1 r (1]) s 19 r (J.) s 12 r (Markof) s (f,) s 10 r 96 c -2 r (`Computer) s 9 r (Snarl:) s 15 r 65 c 11 r (`Back) s 11 r (Door) s 2 r 39 c 10 r (Ajar,') s -2 r 39 c t-ita.300 @sf 1102 1515 p (New) s 11 r 89 c -3 r (ork) s 10 r 84 c -1 r (imes) s t-rom.300 @sf 44 c 9 r (p.) s 11 r (B10,) s 10 r 55 c 10 r (November) s 10 r (1988.) s 1012 1600 p ([12]) s 20 r (J.) s 17 r (B.)
s 16 r (Postel,) s 17 r 96 c -2 r (`Simpl) s -1 r 101 c 15 r (Mail) s 15 r 84 c (ransfer) s 15 r (Protocol,') s -2 r 39 c 15 r (Re-) s 1102 1649 p (quest) s 13 r (For) s 12 r (Comments) s 12 r (NIC/RFC) s 11 r (821,) s 13 r (Network) s 11 r 87 c -2 r (ork-) s 1102 1699 p (ing) s 10 r (Group,) s 10 r (USC) s 10 r (ISI,) s 10 r (August) s 10 r (1982.) s 1012 1783 p ([13]) s 20 r (S.) s 16 r (Bellovin,) s 16 r 96 c -2 r (`The) s 14 r (worm) s 16 r (and) s 15 r (the) s 15 r (debug) s 15 r (option,') s -2 r 39 c 14 r (in) s t-ita.300 @sf 1102 1833 p (Forum) s 13 r (on) s 13 r (Risks) s 14 r (to) s 12 r (the) s 13 r (Public) s 12 r (in) s 12 r (Computers) s 13 r (and) s 12 r (Re-) s 1102 1883 p (lated) s 13 r (Systems) s t-rom.300 @sf 44 c 15 r (vol.) s 12 r (7,) s 15 r (num.) s 13 r (74,) s 14 r (ACM) s 13 r (Committee) s 13 r (on) s 1102 1933 p (Computers) s 10 r (and) s 10 r (Public) s 10 r (Policy) s -2 r 44 c 9 r (10) s 10 r (November) s 10 r (1988.) s 1012 2017 p ([14]) s 20 r (J.) s 8 r (Collyer) s -1 r 44 c 6 r 96 c -2 r (`Risks) s 6 r (of) s 7 r (unchecked) s 7 r (input) s 6 r (in) s 7 r 67 c 7 r (programs,') s -2 r 39 c 1102 2066 p (in) s t-ita.300 @sf 8 r (Forum) s 9 r (on) s 8 r (Risks) s 9 r (to) s 8 r (the) s 8 r (Public) s 8 r (in) s 7 r (Computers) s 8 r (and) s 8 r (Re-) s 1102 2116 p (lated) s 13 r (Systems) s t-rom.300 @sf 44 c 15 r (vol.) s 12 r (7,) s 15 r (num.) s 13 r (74,) s 14 r (ACM) s 13 r (Committee) s 13 r (on) s 1102 2166 p (Computers) s 10 r (and) s 10 r (Public) s 10 r (Policy) s -2 r 44 c 9 r (10) s 10 r (November) s 10 r (1988.) s 1012 2250 p ([15]) s 20 r (J.) s 9 r (Saltzer) s 9 r (and) s 8 r (M.) s 9 r (Schroeder) s -1 r 44 c 9 r 96 c -2 r (`The) s 8 r (Protection) s 7 r (of) s 8 r (Infor-) s 1102 2300 p (mation) s 7 r (in) s 7 r (Computer) s 7 r (Systems,') s -2 r 39 c 7 r (in) s t-ita.300 @sf 7 r (Pr) s -1 r (oc.) s 8 r (IEEE) s t-rom.300 @sf 44 c 9 r (vol.) s 7 r (63,) s 1102 2350 p (num.) s 11 r (9,) s 10 r (pp.) 
s 11 r (1278) s 177 c (1308,) s 8 r (IEEE,) s 12 r (September) s 11 r (1975.) s 1012 2434 p ([16]) s 20 r (J.) s 10 r (Steiner) s -1 r 44 c 9 r (C.) s 10 r (Neuman,) s 10 r (and) s 10 r (J.) s 10 r (Schiller) s -1 r 44 c 8 r 96 c -2 r (`Kerberos:) s 12 r (An) s 1102 2484 p (Authentication) s 10 r (Service) s 11 r (for) s 11 r (Open) s 11 r (Network) s 11 r (Systems,') s -2 r 39 c 1102 2533 p (in) s t-ita.300 @sf 9 r (USENIX) s 10 r (Association) s 8 r 87 c -1 r (int) s -1 r (er) s 9 r (Confer) s -1 r (ence) s 9 r (1988) s 9 r (Pr) s -1 r (o-) s 1102 2583 p (ceedings) s t-rom.300 @sf 44 c 11 r (pp.) s 11 r (191) s 177 c (202,) s 9 r (February) s 10 r (1988.) s 1012 2667 p ([17]) s 20 r (M.) s 16 r (R.) s 15 r (Horton,) s 16 r 96 c -2 r (`How) s 13 r (to) s 15 r (Read) s 15 r (the) s 15 r (Network) s 15 r (News,') s -2 r 39 c t-ita.300 @sf 1102 2717 p (UNIX) s 11 r (User) s 2 r 39 c -4 r 115 c 9 r (Supplementary) s 9 r (Documents) s t-rom.300 @sf 44 c 11 r (April) s 9 r (1986.) s 954 2842 p (28) s @eop 29 @bop0 29 @bop1 t-rom.300 @sf -36 96 p ([18]) s 18 r 80 c -4 r 46 c 21 r (Mockapetris,) s 22 r 96 c -2 r (`Domain) s 19 r (Names) s 22 r 45 c 20 r (Concepts) s 20 r (And) s 52 146 p (Facilities,') s -2 r 39 c 14 r (Request) s 14 r (For) s 13 r (Comments) s 14 r (NIC/RFC) s 13 r (1034,) s 52 196 p (Network) s 10 r 87 c -2 r (orking) s 8 r (Group,) s 9 r (USC) s 11 r (ISI,) s 10 r (November) s 11 r (1987.) s -36 279 p ([19]) s 18 r (J.) s 16 r (Markof) s (f,) s 15 r 96 c -2 r (`Autho) s -1 r 114 c 13 r (of) s 15 r (Computer) s 14 r (`V) s -1 r (iru) s -1 r (s') s 13 r (Is) s 15 r (Son) s 15 r (of) s 52 329 p (U.S.) s 18 r (Electronic) s 16 r (Security) s 16 r (Expert,') s -2 r 39 c t-ita.300 @sf 17 r (New) s 16 r 89 c -3 r (ork) s 16 r 84 c -1 r (imes) s t-rom.300 @sf 44 c 52 378 p (p.) s 11 r (A1,) s 10 r 53 c 11 r (November) s 10 r (1988.) s -36 461 p ([20]) s 18 r 80 c -4 r 46 c 17 r (G.) 
s 16 r (Neumann,) s 19 r (ed.,) s t-ita.300 @sf 19 r (Forum) s 16 r (on) s 16 r (Risks) s 17 r (to) s 16 r (the) s 16 r (Public) s 52 511 p (in) s 13 r (Computers) s 13 r (and) s 12 r (Related) s 14 r (Systems) s t-rom.300 @sf 44 c 15 r (vol.) s 13 r (7,) s 14 r (num.) s 14 r (69,) s 52 561 p (ACM) s 12 r (Committee) s 11 r (on) s 11 r (Computers) s 11 r (and) s 11 r (Public) s 11 r (Policy) s -2 r 44 c 11 r 51 c 52 611 p (November) s 11 r (1988.) s -36 694 p ([21]) s 18 r (???,) s 26 r 96 c -2 r (`College) s 20 r (Whiz) s 21 r 96 c -2 r (`Put) s 20 r 86 c -1 r (ir) s -1 r (us) s 20 r (in) s 21 r (Computers') s -2 r (',') s -3 r 39 c t-ita.300 @sf 52 744 p (Boston) s 10 r (Herald) s t-rom.300 @sf 44 c 10 r (p.) s 11 r (1,) s 10 r 53 c 11 r (November) s 10 r (1988.) s -36 827 p ([22]) s 18 r (J.) s 17 r (Markof) s (f,) s 16 r 96 c -2 r (`U.S.) s 15 r (Is) s 16 r (Moving) s 15 r (to) s 15 r (Restrict) s 15 r (Access) s 17 r 84 c -2 r 111 c 52 876 p (Facts) s 25 r (About) s 23 r (Computer) s 23 r 86 c -1 r (iru) s -1 r (s,') s -2 r 39 c t-ita.300 @sf 25 r (New) s 24 r 89 c -3 r (ork) s 23 r 84 c -1 r (imes) s t-rom.300 @sf 44 c 52 926 p (p.) s 11 r (A28,) s 10 r 49 c -1 r 49 c 10 r (November) s 10 r (1988.) s -36 1009 p ([23]) s 18 r (J.) s 11 r (Mogul) s 9 r (and) s 10 r (J.) s 11 r (B.) s 10 r (Postel,) s 10 r 96 c -2 r (`Internet) s 8 r (Standard) s 9 r (Subnet-) s 52 1059 p (ting) s 16 r (Procedure,') s -2 r 39 c 17 r (Request) s 16 r (For) s 17 r (Comments) s 16 r (NIC/RFC) s 52 1109 p (950,) s 8 r (Network) s 6 r 87 c -2 r (orking) s 5 r (Group,) s 7 r (USC) s 7 r (ISI,) s 7 r (August) s 6 r (1985.) s -36 1192 p ([24]) s 18 r (G.) s 19 r (Spaf) s (ford,) s 20 r 96 c -2 r (`A) s 17 r (cure!!!!!,') s -2 r 39 c 19 r (in) s t-ita.300 @sf 18 r (Forum) s 19 r (on) s 18 r (Risks) s 19 r (to) s 52 1242 p (the) s 11 r (Public) s 10 r (in) s 10 r (Computers) s 10 r (and) s 10 r (Related) s 11 r (Systems) s t-rom.300 @sf 44 c 11 r (vol.) s 10 r (7,) s 52 1292 p (num.) 
s 12 r (70,) s 12 r (ACM) s 11 r (Committee) s 10 r (on) s 11 r (Computers) s 11 r (and) s 11 r (Public) s 52 1341 p (Policy) s -2 r 44 c 10 r 51 c 10 r (November) s 10 r (1988.) s -36 1424 p ([25]) s 18 r (R.) s 11 r 87 c -3 r 46 c 9 r (Baldwin,) s t-ita.300 @sf 10 r (Rule) s 10 r (Based) s 10 r (Analysis) s 10 r (of) s 9 r (Computer) s 9 r (Se-) s 52 1474 p (curity) s t-rom.300 @sf 46 c 16 r (PhD) s 10 r (thesis,) s 10 r (MIT) s 11 r (EE,) s 11 r (June) s 10 r (1987.) s -36 1557 p ([26]) s 18 r (G.) s 19 r (Spaf) s (ford,) s 20 r 96 c -2 r (`A) s 17 r (worm) s 18 r 96 c -2 r (`condom') s -3 r (',') s -3 r 39 c 19 r (in) s t-ita.300 @sf 17 r (Forum) s 19 r (on) s 52 1607 p (Risks) s 9 r (to) s 7 r (the) s 7 r (Public) s 7 r (in) s 7 r (Computers) s 6 r (and) s 7 r (Related) s 8 r (Systems) s t-rom.300 @sf 44 c 52 1657 p (vol.) s 11 r (7,) s 12 r (num.) s 12 r (70,) s 11 r (ACM) s 11 r (Committee) s 11 r (on) s 11 r (Computers) s 11 r (and) s 52 1707 p (Public) s 10 r (Policy) s -2 r 44 c 9 r 51 c 10 r (November) s 11 r (1988.) s 954 2842 p (29) s @eop @end