Inside The NIPC
from the protecting-the-world-from-viruses-or-hyping-them? dept
There have been a bunch of articles lately criticizing people for overhyping the whole Code Red thing, but here’s an article that looks at the other side. It looks behind the scenes at the US’s National Infrastructure Protection Center (NIPC). They’re the group who is supposed to “detect, deter, assess and warn” everyone of significant threats to Internet security. They’ve been criticized on all fronts for lots of things (not being technically savvy enough, not doing enough, etc.), but at least it sounds like they’re trying to fix things up.
Comments on “Inside The NIPC”
I just had lunch with one of our systems admin folks who has been fighting off Code Red 1 and 2 for weeks now.
They informed me that this is the first client/server virus and it has been upgraded to code yellow (very destructive). Code Red 1 opened up a hole on servers running Windows NT and Windows 2000. Code Red 2 took advantage of those holes and infiltrated the servers. It pings and pings and pings servers slowing down the internet. It has the potential of shutting down the backbones.
Symantec’s http://www.sarc.com page has upgraded it to code (4) with stats of running wild, damage-medium and distribution-high.
The worm propagates by installing itself into a random Web server using a known buffer overflow exploit, contained in the file Idq.dll. Only systems that have not been patched with the latest Microsoft IIS service packs can be affected.
We do NOT think this has been overhyped, in fact quite the opposite. So bravo for the reporters who DID actively report this virus.
Re: Code Red
Upgraded to Code Yellow? BWAHAHAHAHAHAHAHAHA!!!
What a tool.