Uploading contents on the C I Host can be done any day, anytime depending on what you want uploaded, but programs might not open as a result of the Witty Worm attack. For this reason, computer systems ought to be patched and protected against any malware. Witty-Worm virus corrupts and deletes all the data files on the hard-drive and accounts saved on the C I Host and other Hosts. This affects the manner in which the contents are to be uploaded. When the Witty Worm virus attacks, data in most hard-drives are deleted and one might want to replace them or copy the data into another unbootable drives. Thus, the virus inconveniences work. Alerts on the computer installed programs has to be monitored so that such threats and network traffics are detected on time to avert any challenges that might be caused.
The worm is a landmark in a malicious software history since it represents the 1st malicious software occurrence known for casting security products. In 2004, Witty Worm appeared in form of an appealing and harmful virus that corrupted and destroyed 12000 computer systems within a duration of 45 minutes. Shannon, C., & Moore, D. (2004). The Witty Worm subterfuges itself as a real ICQ packet that applies User Datagram Protocol port 4000 in sending itself to many random IP addresses. Witty Worm virus is a very harmful malware because it corrupts computer systems due to the vulnerability of the ISS software. The Worm circumvents the firewalls by posting itself to any random IP addresses that have random target ports. The Worm contains harmful payload that deletes data and causes high forms of destruction. The Worm is below 700 bytes lengthwise. Therefore, rebooting any infected computer systems might not be recommended at all. Thus, such infected computers systems ought to be detached from any network to prevent multiplication.
Snort sniffer detects the Witty Worm virus. It’s a packet detector that monitors any network traffics, scrutinizing the computer systems to detect harmful payloads or any malicious anomalies. It monitors any form of network traffic and compares it against the Snort-defined rules. Once a Malware is detected, Snort then builds a firewall that prevents the multiplication of the Worm and conveys real-time alerts to the Syslog in a pop-up window. The Witty Worm can also be eliminated by downloading the ISS security bits. Since it corrupts computer memory, thus data recovery protocol is essential for restoring the full functionality of the systems. To apply Snort, the hosts’ network plug-in has to be set to a promiscuous form so that it monitors all the network traffic within the local network interface. By so doing, it identifies cybersecurity attacks including OS fingerprinting, service denial, buffer overflow, port scans as well as blocking server messages.
BlackICE is a firewall that was built to protect all computer systems from malicious threats like the Witty Worm. BlackICE didn’t have overseas connections and protection, this made it vulnerable and exposed to Witty Worm. The BlackICE was not popular at that time of Witty Worm exploitation. Therefore, Witty Worm exploited the BlackICE firewalls and the buffer overflows before its release since it wasn’t patched against the Witty Worm malware. In conclusion, Witty Worm incorporates many harmful features once it attacks any computer system since it infects its host
References
Shannon, C., & Moore, D. (2004). The spread of the witty worm. IEEE Security & Privacy, 2(4), 46-50. Web.