My company was infected by this virus. Does anyone have any information?
Thanks,
Printable View
My company was infected by this virus. Does anyone have any information?
Thanks,
http://antivirus.about.com/library/weekly/aa091801a.htm
Follow this site for more info.
Here's another one:
http://[email protected]
Since you've gotten so many links, I'll just tell you that Nimda is bad news. The network that includes the entire school system near me was hit by this worm on Tuesday. The network is still down.
Nimda infected my counties computer system also, and all computers have been ordered off for more than a week now, with no definite say on when they will be back up. Word is, every computer in the county must be individually checked and protected before they will resume normale. Jefferson county schools, (the county where Louisville, kY resides) have announced that their computers could take more than a month and a half to get all of them up and running again.
This worm is very powerful, and not only can be activated by downloading and willful execution, but also has the ability to attack remote computers with up to 16 different vulns, from it's host-infected computer, in an attempt to insert itself into the target. It effects all versions of windows, but the worse part is, is that it's security scanners + what-not can take up to 40% more network bandwidth than did the full-fledged coderedII.
yikes.
OverandOut.
ComJo
We got the virus cleaned out. Thanks for all the info. This virus is a real pain in my side. It took symantec a couple of days to pin it down. They finally have a good removal tool.
http://securityresponse.symantec.com...oval.tool.html
Will Microsoft ever close those security hole in IIS?
As far as it being able to infect XP it won't happen. The shop I work at has XP on all machines which in turn are networked together so we set it loose and no damage. Afterwards we downloaded the new Norton 2002 virus update and cleaned it off np. Since it has hit we have had a steady stream of people coming it to get it cleaned off.
It shut down 4 college servers in my area. . . My college just got back up today. . .
The holes that were exploited by code red, again by code red II, and now by nimda were acknowledged and a patch available almost a month prior to the first outbreak of code red.Quote:
Originally posted by Eversor
Will Microsoft ever close those security hole in IIS?
see http://www.cert.org/advisories/CA-2001-13.html
and http://www.cert.org/advisories/CA-2001-19.html
Now, not to say that IIs is secure(tongue in cheek), but is it not the responsibility of the systems owner to stay up on security alerts/patches etc?
What scares me most about putting the responsibility back on microsoft is the possibility they will use it as an excuse/reason to say they have the right to scan our systems for security vulnerabilities and apply patches as "THEY" see fit.
cheers
==================================================================Quote:
Originally posted by Eversor
Afterwards we downloaded the new Norton 2002 virus update and cleaned it off np.
Norton antivirus? ahhaahah
Do me a favour.
Nimda is certainly an insidious little bastard, but if you got infected - its your ( the sys admins) fault, its terrible that we live in a world where there's idiots creating this mayhem - i'm looking after an apache web server at the moment and the logs are full of http get .../scripts/cmd.exe or whatever, but we do, so you need to stay one step ahead of the game. Subscribe to bugtraq, keep your ear to the ground and most importantly - port your site to apache! Sorry, but iis sucks.
The worm hit very hard but we were able to recover. I thought I had the IIS holes patched from the days of Code Red. I guess not.
One of these days I'll learn more about Apache Web Server. Right now I clueless about Linux stuff.:confused: