This week takes us back to the 1990s. First, you need to understand that the Internet has been around a lot longer than most people realize. It began back in the 1970s. And before we had fancy user interfaces to maintain the networks, we used command lines to do... well... everything.
One of the most useful tools for someone back then was ping. Ping is part of the TCP/IP protocol suite, and it works similarly to a submarine ping, where someone sends out a signal and waits for a response. Only, network pings send out a series of short messages to the target computer and then wait for the appropriate responses.
You can try this out right now:
Go to a terminal window on Linux, or a command prompt on Windows.
Type in "ping google.com"
Stop the ping using Ctrl-C.
You'll get a response that looks like this:
[katp@Werewolf-Den ~]$ ping google.com
PING google.com (22.214.171.124) 56(84) bytes of data.
64 bytes from atl14s39-in-f14.1e100.net (126.96.36.199): icmp_seq=1 ttl=55 time=21.2 ms
64 bytes from atl14s39-in-f14.1e100.net (188.8.131.52): icmp_seq=2 ttl=55 time=21.0 ms
64 bytes from atl14s39-in-f14.1e100.net (184.108.40.206): icmp_seq=3 ttl=55 time=20.9 ms
64 bytes from atl14s39-in-f14.1e100.net (220.127.116.11): icmp_seq=4 ttl=55 time=20.5 ms
64 bytes from atl14s39-in-f14.1e100.net (18.104.22.168): icmp_seq=5 ttl=55 time=24.0 ms
--- google.com ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4005ms
rtt min/avg/max/mdev = 20.573/21.603/24.086/1.276 ms
With me so far? Good.
Someone discovered that it is possible to send extra data along with a ping, and that some operating systems didn't handle the extra data well (coughwindowscough). A ping with extra data ended up at best writing over working memory and crashing the computer. At worst, malicious code got passed in that ran on the operating system before crashing the computer.
The best (or worst) part about this? There were no clues left behind as to why the crash occurred. The memory overwrites caused a variety of problems that had nothing to do with the ping. Plus, pings weren't typically recorded in event logs; and if they were, pings are anonymous.
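For the curious, here is the defensive side of that story as an added example (not code from the original post or from any real operating system). In the classic case, the "extra data" arrived as a ping split into IP fragments whose last piece ended past the 65,535-byte limit for an IPv4 datagram, so the fix is a bounds check before the copy, plus a counter that leaves the clue the old systems never did. The names `reasm`, `reasm_add` and `make_frag` are hypothetical, and the sample fragments are constructed in memory only.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define IP_MAX_DATAGRAM 65535u   /* largest size an IPv4 datagram may reach */

/* Illustrative reassembly state for one datagram (hypothetical names). */
struct reasm {
    uint8_t  buf[IP_MAX_DATAGRAM];
    size_t   end;        /* highest payload byte stored so far */
    unsigned rejected;   /* refused fragments: a counter worth logging */
};

static int refuse(struct reasm *r) { r->rejected++; return -1; }

/* Store one raw IPv4 fragment. Returns 0 if stored, -1 if refused. */
int reasm_add(struct reasm *r, const uint8_t *pkt, size_t len)
{
    if (len < 20 || (pkt[0] >> 4) != 4) return refuse(r);
    size_t ihl   = (size_t)(pkt[0] & 0x0f) * 4;
    size_t total = ((size_t)pkt[2] << 8) | pkt[3];
    if (ihl < 20 || total < ihl || total > len) return refuse(r);

    /* Fragment offset: low 13 bits of bytes 6-7, counted in 8-byte units. */
    size_t off  = ((((size_t)pkt[6] & 0x1f) << 8) | pkt[7]) * 8;
    size_t plen = total - ihl;

    /* The bound that matters: a fragment may start as late as byte 65,528
     * and still carry data, so header + offset + length must be checked. */
    if (ihl + off + plen > IP_MAX_DATAGRAM) return refuse(r);

    memcpy(r->buf + off, pkt + ihl, plen);
    if (off + plen > r->end) r->end = off + plen;
    return 0;
}

/* Constructed sample input: a minimal 20-byte header plus zeroed payload. */
size_t make_frag(uint8_t *out, size_t off_bytes, size_t plen)
{
    memset(out, 0, 20 + plen);
    out[0] = 0x45;                               /* IPv4, IHL = 5 words */
    out[2] = (uint8_t)((20 + plen) >> 8);        /* total length, high byte */
    out[3] = (uint8_t)(20 + plen);               /* total length, low byte */
    out[6] = (uint8_t)((off_bytes / 8) >> 8);    /* flags left clear */
    out[7] = (uint8_t)(off_bytes / 8);
    out[9] = 1;                                  /* protocol 1 = ICMP */
    return 20 + plen;
}
```

Without the bounds check, the `memcpy` would write past the end of `buf`, which is the "writing over working memory" described above.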