Virus Alert - NIMDA

Posters Name: Kagato
Posters Email:
Subject: Virus Alert - NIMDA

There's a new Virus Alert out today for the NIMDA bug (yes, it's admin spelled backwards). This one is causing some pain primarily becuase it is much like Code Red, but even more aggressive. Not only does it propogate via e-mail (Delete any "README.EXE" attachments you may receive) it also attempts to forward itself from infected IIS (Internet Information Server - Microsoft's beauty) to end users via File Download. Those using Internet Explorer will receive a File Download box when connecting to infected pages, notifying them to install the file to properly access the page, needless to say, doing this would be bad. For those unfamiliar, this is one of the ever-lovely virii that perform broadcast storms against unsuspecting web servers/routers, causing a DoS (Denial of Service). Unlike Code Red, Nimda performs at least 16 different scans on neighbor machines to check for various backdoors/unpatched systems. Fun, fun, fun!

MWGL News - Printer Friendly Version