“Happy99”的意思、由来-开放百科全书

Happy99 (also termed Ska or I-Worm)^[4] is a computer worm for Microsoft Windows. It first appeared in mid-January 1999, spreading through email and usenet. The worm installs itself and runs in the background of a victim's machine, without their knowledge. It is generally considered the first virus to propagate by email, and has served as a template for the creation of other self-propagating viruses. Happy99 has spread on multiple continents, including North America, Europe, and Asia.

Significance

Happy99 was described by Paul Oldfield as "the first virus to spread rapidly by email".^[5] In the Computer Security Handbook, Happy99 is referred to as "the first modern worm".^[6] Happy99 also served as a template for the creation of ExploreZip, another self-spreading virus.^[7]

Spread

The worm first appeared on 20 January 1999.^[8] Media reports of the worm started coming in from the United States and Europe, in addition to numerous complaints on newsgroups from users that had become infected with the worm.^[9] Asia Pulse reported 74 cases of the virus from Japan in February, and 181 cases were reported in March—a monthly record at the time.^[10]^[11] On 3 March 1999, a Tokyo job company accidentally sent 4000 copies of the virus to 30 universities in Japan.^[12]

Dan Schrader of Trend Micro said that Happy99 was the single most commonly reported virus in their system for the month of March.^[13] A virus bulletin published in February 2000 reported that Happy99 caused reports of file-infecting malware to reach over 16% in April 1999.^[14] Sophos listed Happy99 among the top ten viruses reported in the year of 1999.^[15] Eric Chien, head of research at Symantec, reported that the worm was the second most reported virus in Europe for 2000.^[16] Marius Van Oers, a researcher for Network Associates, referred to Happy99 as "a global problem", saying that it was one of the most commonly reported viruses in 1999.^[17] When virus researcher Craig Schmugar posted a fix for the virus on his website, a million people downloaded it.^[18]

Technical details

The worm spreads through email attachments and usenet.^[19]^[20]^[21] When executed, animated fireworks and a "Happy New Year" message display.^[19]^[22] The worm modifies Winsock, a Windows communication library, to allow itself to spread.^[19] The worm then attaches itself automatically to all subsequent emails and newsgroup posts sent by a user.^[23] The worm modifies a registry key to automatically start itself when the computer is rebooted. In some cases, the program may cause several error messages to appear.^[24]

The worm was written by a French virus writer known as "Spanska". Other than propagating itself, the worm does no further damage to an infected computer.^[25]^[26] The worm typically uses port 25 to spread, but uses port 119 if port 25 is not available.^[24] The executable of the worm is 10,000 bytes in size; a list of spammed newsgroups and mail addresses is stored on the infected hard drive.^[22]^[27] The worm spreads only if the Winsock library is not set to read-only.

See also

References

1. ^{{cite book |author1=Stephen Watkins |author2=Gregg, Michael B. |title=Hack the Stack: Using Snort and Ethereal to Master the 8 Layers of an Insecure Network |publisher=Syngress Publishing |year=2006 |pages=407, 408 |isbn=1-59749-109-8}}
2. ^{{cite book |author=Davis, Peter |title=Securing and controlling Cisco routers |publisher=Auerbach Publications |location=Boca Raton |year=2002 |pages=621, 622 |isbn=0-8493-1290-6}}
3. ^{{cite news|title=Tech talk - Happy99 Virus|author=George Skarbek|date=16 March 1999|work=The Courier-Mail}}
4. ^{{cite book |author=Roger A. Grimes |title=Malicious Mobile Code: Virus Protection for Windows|publisher=O'Reilly |location=Sebastopol, CA |year=2001 |pages=6 |isbn=1-56592-682-X}}
5. ^{{cite book |author=Paul Oldfield |title=Computer viruses demystified |publisher=Sophos |location=Aylesbury, Bucks |year=2001 |pages=32 |isbn=0-9538336-0-7}}
6. ^{{cite book |author1=Bosworth, Seymour |author2=Kabay, Michel E. |title=Computer security handbook |publisher=John Wiley & Sons |location=Chichester |year=2002 |pages=44 |isbn=0-471-26975-1}}
7. ^{{cite news|title=Microsoft's dominance plays a role|author=Rosie Lombardi|date=2 July 1999|url=http://www.itbusiness.ca/it/client/en/home/News.asp?id=27334|work=Computing Canada}}
8. ^{{cite book |author1=Ellis, Juanita |author2=Korper, Steffano |title=The E-commerce book: building the E-empire |publisher=Academic |location=San Diego |year=2001 |pages=192 |isbn=0-12-421161-5}}
9. ^{{cite news|author=David Watts|title=Help Desk|date=16 February 1999|work=The West Australian}}
10. ^{{cite news|title=251 Cases of Computer Virus Damage Reported in Japan in Feb|work=Asia Pulse|date=7 March 1999}}
11. ^{{cite news|author=Makoto Ushida|date=19 April 1999|work=Asahi Shimbun|title=Cyberslice - Experts warn of lurking computer viruses}}
12. ^{{cite news|title=Virus-tainted e-mail sent to 4,000|work=The Daily Yomiuri|date=6 June 1999}}
13. ^{{cite news|title=Tech Talk Column|author=Clint Swett|author2=Eric Young|date=7 April 1999|work=The Sacramento Bee}}
14. ^{{cite journal|title=Virus Bulletin|year=2000|publisher=Virus Bulletin Ltd. |issn=0956-9979}}
15. ^{{cite news|title=Old viruses live on|work=Adelaide Advertiser|date=19 February 2000}}
16. ^{{cite news|title=Virus variants put users at risk Users are at risk from new variants of popular viruses which can evade some antivirus protection|date=6 March 2000|work=World Reporter TM}}
17. ^{{cite news|title=Bigfoot Users Get a Hotfoot|author=Deborah Scoblionkov|date=2 March 1999|work=Wired|url=https://www.wired.com/science/discoveries/news/1999/03/18208}}
18. ^{{cite news|author=Jeffrey Kosseff|authorlink=Jeff Kosseff|title=Virus-Hunters Scour Internet with 'Dirty' Computers|date=15 September 2003|work=The Oregonian}}
19. ^¹²{{cite book |author=Chen, William W. L. |title=Statistical methods in computer security |publisher=Marcel Dekker |location=New York, N.Y |year=2005 |pages=272 |isbn=0-8247-5939-7}}
20. ^{{cite book |author1=Michael J. Isaac |author2=Isaac, Debra S. |title=The SSCP prep guide: mastering the seven key areas of system security |publisher=Wiley |location=New York |year=2003 |pages=0471273511 |isbn=0-471-27351-1}}
21. ^{{cite news|title=Internet worm can crash corporate servers|author=Roberta Fusaro|work=CNN|date=29 January 1999|url=http://www.cnn.com/TECH/computing/9901/29/iworm-ent.idg/index.html}}
22. ^¹{{cite book |author=Rubin, Aviel D. |title=White-hat security arsenal: tackling the threats |publisher=Addison-Wesley |location=Boston |year=2001 |pages=31 |isbn=0-201-71114-1}}
23. ^{{cite news|author=Carrie Kirby|title=Holiday E-Mail Gives Viruses An Opportunity |work=San Francisco Chronicle|date=22 December 2000}}
24. ^¹{{cite journal| first =Amit| last =Grover| title =Application Adaptive Bandwidth Management Using Real-Time Network Monitoring| date =August 2003| url =http://etd-submit.etsu.edu/etd/theses/available/etd-0715103-211816/unrestricted/GroverA071803f.pdf| format =pdf| pages =77–78| accessdate =27 March 2009| deadurl =yes| archiveurl =https://web.archive.org/web/20060914091249/http://etd-submit.etsu.edu/etd/theses/available/etd-0715103-211816/unrestricted/GroverA071803f.pdf| archivedate =14 September 2006| df =}}
25. ^{{cite book |author1=Knittel, Brian |author2=Cowart, Robert |author3=Cowart, Bob |title=Using MicroSoft Windows 2000 professional |publisher=Que |location=Indianapolis, Ind |year=1999 |pages=936 |isbn=0-7897-2125-2 }}
26. ^{{cite book |author=Trefor Roscoe |title=Rapid Reference to Computers: Rapid Reference Series |publisher=Mosby |location=St. Louis |year=2004 |pages=38 |isbn=0-7234-3357-7}}
27. ^{{cite news|title=Happy99.exe worm spreads on Net|author=Bob Sullivan|work=ZDNet|date=27 January 1999|url=http://news.zdnet.com/2100-9595_22-101463.html?legacy=zdnn}}{{dead link|date=October 2017 |bot=InternetArchiveBot |fix-attempted=yes }}

Significance

Spread

Technical details

See also

References

External links