"But it's too fast to be a chain letter," Jeff said. "Whatever's sending those messages is using something other than its fingers to do its walking." The problem was simple: about ten thousand messages addressed to one student had arrived at the University's mailhub in under five minutes, and the mailhub had gone down. Jeff and his colleagues wanted to understand the problem and make sure they had defenses before they restored service.
Before long the answer became clear: someone had started a batch program on the University's fast compute server, the program was sending the same message to the same person over and over, and the program was running amok. Apparently whoever wrote the program either intended to swamp the mailhubs, or had made a mistake in the program. Stopping the program and reversing its effects meant shutting down the compute server, purging it of the program and its output, restoring the mailhub, and then watching the mailhub carefully as the pent-up mail from outside the University poured in for delivery. Jeff and his colleagues did this over the next couple of hours, and by 9 PM everything was back in order.
Now the problem was to find the culprit. Rather than read the mail messages, whose contents might not be trustworthy (someone had, after all, been sending forged messages in the President's name for about three weeks), Jeff and his colleagues traced the offending program. It appeared to have been started by Jane Thatcher, a freshman.
"I want this woman cleaning screens for years, or in serious trouble," Jeff said a little later. "She cost us almost $2,000: $1,200 for three hours of compute-server downtime, $500 for my staff's overtime, and $100 for the dinner I had to buy them."
But Kim, the University's Director of Academic Computing, had some doubts: Why were the mailhubs so vulnerable? Why was it possible to send mail from a compute server? For that matter, what rule had Thatcher violated? It seemed important to resolve these questions before taking formal action - but Kim didn't know whether to call Thatcher in before resolving them.
Copyright 1994, MIT
Greg Jackson, firstname.lastname@example.org