posted on July 30, 2001 09:49:03 AM
I've already received reports on this virus which seems a killer. Watch your files, emails and then some! Here's info on a free scan tool for viruses.
posted on July 30, 2001 09:52:48 AM
Home users with Windows 95 / 98 / ME can't get this virus (at least in it's present form), it targets ISP software.
It has the potential of shutting down the internet by disabling ISPs. This one should worry us, because if the internet goes down, we are shut down, but it's ISPs that need to take precautions.
[ edited by Microbes on Jul 30, 2001 09:53 AM ]
posted on July 30, 2001 10:23:31 AM
It must be worthy of noting since the Govt. and Microsoft plowed out some information. If those servers go down so does economy.
posted on July 30, 2001 11:26:48 AM
Just a warning. I received a worm virus from a customer last night. Like an idiot, I opened the file and my computer crashed five minutes later. This virus is not the same (as I do have Windows 98, and obviously was affected). NEVER OPEN A FILE ATTACHMENT FROM ANYONE (Even your momma)!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
posted on July 30, 2001 04:24:20 PM
barrelracer, From what I've read, only servers running "unpatched versions of Microsoft's IIS webserver" can be infected. If you get the screen you are talking about, I believe it means the server you are logged onto is infected.
posted on July 30, 2001 07:28:41 PMHow does it get from one server to another?
Very quickly..."On July 19, 2001 more than 359,000 computers were infected with the Code-Red (CRv2) worm in less than 14 hours."
I don't totally understand exactly how it passes from server to server, (in data packets) but the link I posted above has VERY detailed information, (as well as a link to the animated map).
I just saw today another story about them expecting Code Red to break out again on the first of the month (something to do with date roll overs, and payloads that may still be setting on servers) This is why MicroSoft and the Feds are huddling together (you would think there was no love lost between MS and the feds) about this.
Nothing the PC user can do about this one. IPSes and Web Servers are the ones that need to take the precautions.
"- If the date is past the 20th of the month (GMT), the thread will stop searching for systems to infect and will instead attack www.whitehouse.gov."
"If the date is between the 1st and the 19th of the month, this worm thread will not attack www.whitehouse.gov and will continue to try to find and infect new Web servers."
This is why the spread on the 19th went so far, but then seemed to die out.
Yeah, the more I read about this one, the more I worry about the stability of the net.
