Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: W32.Nimda.A@mm

  1. #1
    Member rnapro's Avatar
    Join Date
    Aug 2001
    Posts
    66

    Arrow W32.Nimda.A@mm

    My company was infected by this virus. Does anyone have any information?

    Thanks,

  2. #2

  3. #3
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867

  4. #4

  5. #5
    Senior Member
    Join Date
    Aug 2001
    Posts
    503
    Since you've gotten so many links, I'll just tell you that Nimda is bad news. The network that includes the entire school system near me was hit by this worm on Tuesday. The network is still down.
    I know you\'re out there. I can feel you now. I know that you\'re afraid. You\'re afraid of us. You\'re afraid of change. I don\'t know the future. I didn\'t come here to tell you how this is going to end. I came here to tell you how it\'s going to begin. I\'m going to hang up this phone, and then I\'m going to show these people what you don\'t want them to see. I\'m going to show them a world without you, a world without rules and controls, without borders or boundaries. A world where anything is possible. Where we go from there is a choice I leave to you.

  6. #6
    Member
    Join Date
    Aug 2001
    Posts
    44

    nimda.?

    Nimda infected my counties computer system also, and all computers have been ordered off for more than a week now, with no definite say on when they will be back up. Word is, every computer in the county must be individually checked and protected before they will resume normale. Jefferson county schools, (the county where Louisville, kY resides) have announced that their computers could take more than a month and a half to get all of them up and running again.

    This worm is very powerful, and not only can be activated by downloading and willful execution, but also has the ability to attack remote computers with up to 16 different vulns, from it's host-infected computer, in an attempt to insert itself into the target. It effects all versions of windows, but the worse part is, is that it's security scanners + what-not can take up to 40% more network bandwidth than did the full-fledged coderedII.

    yikes.

    OverandOut.
    ComJo
    OverandOut.
    ~comJo

    ---....Loading: 1x 2x 3x

  7. #7
    Member rnapro's Avatar
    Join Date
    Aug 2001
    Posts
    66
    We got the virus cleaned out. Thanks for all the info. This virus is a real pain in my side. It took symantec a couple of days to pin it down. They finally have a good removal tool.

    http://securityresponse.symantec.com...oval.tool.html

    Will Microsoft ever close those security hole in IIS?

  8. #8
    Senior Member
    Join Date
    Aug 2001
    Posts
    118

    Hmmmm

    As far as it being able to infect XP it won't happen. The shop I work at has XP on all machines which in turn are networked together so we set it loose and no damage. Afterwards we downloaded the new Norton 2002 virus update and cleaned it off np. Since it has hit we have had a steady stream of people coming it to get it cleaned off.
    Risk everything, or gain nothing.

  9. #9
    Forgotten Ghost RogueSpy's Avatar
    Join Date
    Aug 2001
    Location
    Cyberspace
    Posts
    783
    It shut down 4 college servers in my area. . . My college just got back up today. . .

  10. #10
    Member
    Join Date
    Sep 2001
    Posts
    77

    Re: Hmmmm

    Originally posted by Eversor
    Will Microsoft ever close those security hole in IIS?
    The holes that were exploited by code red, again by code red II, and now by nimda were acknowledged and a patch available almost a month prior to the first outbreak of code red.

    see http://www.cert.org/advisories/CA-2001-13.html
    and http://www.cert.org/advisories/CA-2001-19.html

    Now, not to say that IIs is secure(tongue in cheek), but is it not the responsibility of the systems owner to stay up on security alerts/patches etc?

    What scares me most about putting the responsibility back on microsoft is the possibility they will use it as an excuse/reason to say they have the right to scan our systems for security vulnerabilities and apply patches as "THEY" see fit.

    cheers
    I\'m not a BOT I\'m a beer droid!
    Prepare to be Assimilated.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •