MITM MPSA M Overview The Microsoft TechNet Security site contains a vast amount of information useful to IT (information tech- nology) professionals who need to ensure Microsoft platforms and products are deployed, configured, and administered securely. Some of the topics covered by the site include the following: ● Access to the latest security bulletins from Microsoft Corporation and information on how to subscribe to the Microsoft Security Notification Service ● Security resources, including assessment tools, checklists, best practices, how-to tutorials, case studies, security tips, service packs, rollup pack- ages, and hotfixes ● Access to security-related newsgroups and infor- mation on how to contact the Microsoft Security Team ● Information on how to protect, detect, defend, recover, and manage security-related issues ● Links to security-related training, books, and third-party products and services For More Information Visit www.microsoft.com/technet/security/ for more information. See Also: Microsoft Security & Privacy MITM Stands for man-in-the-middle attack, an attack in which the attacker impersonates both ends of a secure commu- nication channel. See: man-in-the-middle (MITM) attack Morris worm A notorious Internet worm that also acted as a virus. Overview The Morris worm was one of the first worms to cause damage to systems and achieve widespread media recog- nition. The worm was developed by Robert Morris, Jr., a student at Cornell University, and though originally designed simply to spread and not cause harm, a coding error caused the worm to repeatedly replicate itself until it consumed available memory, filled free space on hard drives, and drove processor utilization to 100 percent. The result was denial of service (DoS) for legitimate users and systems that crashed and needed their hard drives to be cleaned before they could restart. The Morris worm first appeared in November 1988 and spread rapidly across the Internet, infecting Sun servers and VAX minicomputers by exploiting vulnerabilities in the Sendmail, Fingerd, Rsh, and Exec daemons on UNIX platforms. The worm infected at least 6000 sys- tems, which at the time represented about 10 percent of the Internet, and the resulting cleanup costs and busi- ness downtime was estimated at $98 million. One of the results of the Morris worm was the forma- tion of the Computer Emergency Response Team (CERT), later the CERT Coordination Center (CERT/ CC), at Carnegie Mellon University, to respond to such incidents in the future. Another result was Morris’s con- viction under the Computer Fraud and Abuse Act, a U.S. federal law that was first applied in the Morris case. After several appeals, Morris was eventually sen- tenced to three years probation, a $10,050 fine, and 400 hours of community service, and he went on to become an assistant professor at Massachusetts Institute of Technology (MIT). Interestingly, Morris’s father, Robert Morris, Sr., was a famous cryptographer at the National Computer Security Center (NCSC) of the National Security Agency (NSA). See Also: CERT Coordination Center (CERT/CC), worm MPSA Stands for Microsoft Personal Security Analyzer, a tool for identifying common security misconfigurations in Microsoft products, now supplanted by the Microsoft Baseline Security Analyzer (MBSA). See: Microsoft Personal Security Analyzer (MPSA) 198 MITM MPSA M Overview The Microsoft TechNet Security site contains a vast amount of information useful to IT (information tech- nology) professionals who need to ensure Microsoft platforms and products are deployed, configured, and administered securely. Some of the topics covered by the site include the following: ● Access to the latest security bulletins from Microsoft Corporation and information on how to subscribe to the Microsoft Security Notification Service ● Security resources, including assessment tools, checklists, best practices, how-to tutorials, case studies, security tips, service packs, rollup pack- ages, and hotfixes ● Access to security-related newsgroups and infor- mation on how to contact the Microsoft Security Team ● Information on how to protect, detect, defend, recover, and manage security-related issues ● Links to security-related training, books, and third-party products and services For More Information Visit www.microsoft.com/technet/security/ for more information. See Also: Microsoft Security & Privacy MITM Stands for man-in-the-middle attack, an attack in which the attacker impersonates both ends of a secure commu- nication channel. See: man-in-the-middle (MITM) attack Morris worm A notorious Internet worm that also acted as a virus. Overview The Morris worm was one of the first worms to cause damage to systems and achieve widespread media recog- nition. The worm was developed by Robert Morris, Jr., a student at Cornell University, and though originally designed simply to spread and not cause harm, a coding error caused the worm to repeatedly replicate itself until it consumed available memory, filled free space on hard drives, and drove processor utilization to 100 percent. The result was denial of service (DoS) for legitimate users and systems that crashed and needed their hard drives to be cleaned before they could restart. The Morris worm first appeared in November 1988 and spread rapidly across the Internet, infecting Sun servers and VAX minicomputers by exploiting vulnerabilities in the Sendmail, Fingerd, Rsh, and Exec daemons on UNIX platforms. The worm infected at least 6000 sys- tems, which at the time represented about 10 percent of the Internet, and the resulting cleanup costs and busi- ness downtime was estimated at $98 million. One of the results of the Morris worm was the forma- tion of the Computer Emergency Response Team (CERT), later the CERT Coordination Center (CERT/ CC), at Carnegie Mellon University, to respond to such incidents in the future. Another result was Morris’s con- viction under the Computer Fraud and Abuse Act, a U.S. federal law that was first applied in the Morris case. After several appeals, Morris was eventually sen- tenced to three years probation, a $10,050 fine, and 400 hours of community service, and he went on to become an assistant professor at Massachusetts Institute of Technology (MIT). Interestingly, Morris’s father, Robert Morris, Sr., was a famous cryptographer at the National Computer Security Center (NCSC) of the National Security Agency (NSA). See Also: CERT Coordination Center (CERT/CC), worm MPSA Stands for Microsoft Personal Security Analyzer, a tool for identifying common security misconfigurations in Microsoft products, now supplanted by the Microsoft Baseline Security Analyzer (MBSA). See: Microsoft Personal Security Analyzer (MPSA) 198 Microsoft Confidential master page = “Left blank” Encyclopedia of Security sample pages | jimkr . common security misconfigurations in Microsoft products, now supplanted by the Microsoft Baseline Security Analyzer (MBSA). See: Microsoft Personal Security Analyzer (MPSA) 198 Microsoft Confidential. for identifying common security misconfigurations in Microsoft products, now supplanted by the Microsoft Baseline Security Analyzer (MBSA). See: Microsoft Personal Security Analyzer (MPSA). MPSA M Overview The Microsoft TechNet Security site contains a vast amount of information useful to IT (information tech- nology) professionals who need to ensure Microsoft platforms and products