BBC News World Edition
Tuesday, 17 September, 2002, 11:58 GMT 12:58 UK
Slapper worm threatens net attack
[Image: The White House (BBC). Caption: The White House dodged a web worm in 2001]
A malicious web worm is travelling across the internet, enrolling vulnerable machines into a network that some experts think will be used to attack high-profile websites.

The US net security watchdog, the Computer Emergency Response Team, has issued a warning about the "Slapper" worm that has infected thousands of Linux web servers.

The worm exploits a known loophole in a popular security program and is slowly recruiting machines into its attack network.

Security experts are urging people to update software to close the loophole and check to ensure their machine has not been infected.

Huge network

Home users have little to worry about as the Slapper worm only targets servers running the popular Apache software.

This free Linux-based program is by far the most widely used web server software.

The worm exploits a vulnerability in Apache servers running software called OpenSSL. Ironically, this is used to make web transactions secure.

The worm marks something of a departure for virus writers, who typically target programs made by Microsoft.

"Unix is becoming more and more popular, with Apache beating Microsoft as the web server of choice for many companies," said Graham Cluley, senior technology consultant at Sophos.

"However, this popularity attracts attention from the cybercrime community, so fans of Unix need to remember to take security seriously," he said.

Anti-virus firm F-Secure has inserted a dummy machine into the peer-to-peer network being created by Slapper and the company estimates that, so far, the worm has recruited more than 6,000 machines.

Experts speculate that the creator of the worm wants to build a large network of slave machines that can be used to trigger denial of service attacks. These flood target sites and servers with data, hoping to knock them offline.

Potential threat

So far the worm seems content to build up its own network and has only been used to carry out one attack on a net service provider.

Security experts are divided on the threat that Slapper poses. Some fear that if all the recruited machines are activated they could launch devastating attacks.

But other anti-virus companies are reporting that none of their customers have been infected by the worm and say the threat it poses is low.

Like many other malicious programs, the worm is exploiting a vulnerability that has been known about for some while.

The loophole was first discovered in August and patches for it were posted soon after. Anyone using OpenSSL up to and including versions 0.9.6d or 0.9.7beta1 is strongly advised to upgrade to the newest version.
