It was not immediately clear if the new worm was a variant of Code Red or just a nastier copycat, but security experts have already started calling it Code Red II.
Last week, experts had warned that Code Red’s real danger was that it paved the way for creation of a much more destructive worm that employed Code Red’s successful tactics. Last week’s worm, while a nuisance, generally did nothing more than deface Web sites and attempt to spread itself.
The new worm realizes some of those initial fears. Upon infection, the worm leaves a back door so an attacker — any attacker — could easily enter an infected system and steal data.
“The end result ... is to leave your box wide open to remote connection and total compromise,” wrote Russ Cooper in an analysis of the worm posted to TruSecure Corp.’s NTBugtraq. Cooper moderates the popular mailing list.
In his analysis, Cooper said the only way victims can reclaim a compromised system is to reformat it, essentially wiping it clean.


http://www.msnbc.com/news/606910.asp?0dm=T11OT&cp1=1

A hastily written message on the SANS Institute Web site indicated that Code Red “probes” had increased on Saturday, suggesting a fresh spurt of activity. SANS, a computer security think-tank, had also discovered the new version installs a back door.
“The back door makes a command shell available to any attacker,” SANS said. A command shell gives an attacker a command line, familiar to users of MS-DOS. From a command line, an attacker can issue any command to the computer.
It was unclear early Sunday morning how fast the worm had spread, but anecdotal reports on computer security mailing lists suggest it is successfully propagating at a rate similar to last week’s Code Red outbreak. If that occurs, it would mean hundreds of thousands of Web servers around the Internet would be available to computer criminals for easy break-ins within a few hours.

LAST WEEK’S OUTBREAK
Last week’s Code Red outbreak was considered mostly a dud by general public standards, since there was no impact on overall Internet usage — despite the fact that nearly 300,000 computers were infected

