LISTSERV - HP3000-L Archives

HP3000-L Archives

July 2001, Week 5

HP3000-L@RAVEN.UTC.EDU

	LISTSERV Archives
	HP3000-L Home
	HP3000-L July 2001, Week 5

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	A real threat, it appears
From:	Wirt Atmar <[log in to unmask]>
Reply To:	[log in to unmask]
Date:	Sun, 29 Jul 2001 22:35:45 EDT
Content-Type:	text/plain
Parts/Attachments:	text/plain (106 lines)

This is one of half a dozen notices I received today (this one is from the
Associated Press) on the "Code Red" virus. Code Red killed our email
provider, USWest/Qwest, for most of the middle of last week. We lost not only
our email but even our internet connection, often for hours at a time on
Tuesday, Wednesday, Thursday and part of Friday.

As the note below says: "The government routinely works with private
companies to issue warnings about new hack attacks and viruses, but never
before have they made such a high-profile stand."

Wirt Atmar


=======================================

WASHINGTON (AP) - In an unprecedented show of force against an extremely
virulent Internet attack, government and private officials on Monday will
implore worldwide organizations to protect themselves from the ``Code Red''
worm.

Representatives from the White House, FBI, Microsoft and others have decided
to take the step in the face of one of the largest ever dangers to the
Internet. The worm, similar to a virus, could cause widespread slowdowns and
sporadic outages.

``The Internet has become indispensible to our national security and economic
well-being,'' said Ron Dick, head of the National Infrastructure Protection
Center, an arm of the FBI. ``Worms like Code Red pose a distinct threat to
the Internet.''

Along with posting various warnings on their Web sites, government officials
and representatives from Microsoft were holding a news conference Monday
afternoon to publicize their efforts.

The government routinely works with private companies to issue warnings about
new hack attacks and viruses, but never before have they made such a
high-profile stand.

While the actual infection rate is unknown, it is believed to be in the
hundreds of thousands of Internet-connected computers. In just the first nine
hours of its July 19 outbreak, it infected more than 250,000 systems.

The government-funded Computer Emergency Response Team said the worm is
predicted to start spreading again Tuesday at 8 p.m. EDT.

``This spread has the potential to disrupt business and personal use of the
Internet for applications such as electronic commerce, email and
entertainment,'' a CERT advisory warns.

The officials are frustrated that even though a software inoculation was made
available over a month before the worm's first attack, many computers are
still defenseless. The patch, which will protect computers, can be found on
Microsoft's Web site.

The worm defaces Web sites with the words ``Hacked by Chinese.'' While it
doesn't destroy data, it could be modified to do so. At least two mutations
have already been found.

Code Red exploits a flaw discovered in June in Microsoft's Internet
Information Services software used on Internet servers. It is found in
Windows' NT and 2000 operating systems.

Only computers set to use the English language will have their Web pages
defaced and users of Windows 95, Windows 98 or Windows Me are not affected.
For the first 20 days of every month, the worm spreads. From the 20th on, it
attacks the White House Web site, trying to knock it offline.

The White House took precautions against it, changing its numerical Internet
address to dodge the attack.

Even though the target has moved, the infected computers will still launch
their attack. This, officials said, could slow down the Internet causing
sporadic but widespread outages.

Last week, the Pentagon was forced to shut down public access to all of its
Web sites temporarily to purge and protect them from the Code Red worm.

Because Code Red spread so quickly, security companies have not been able to
figure out who wrote and released it.

Code Red also can damage smaller networks by affecting a certain type of
Internet routers, made by Cisco Systems, used for data traffic control.

Steve Lipner, head of Microsoft's security response center, said the company
is looking for new ways to distributing patches more efficiently.

The government relies on Microsoft and other technology companies to secure
everything from defense networks to financial systems.

``The protection of the Internet requires a partnership with the government,
private companies and the public as a whole,'' NIPC's Dick said.

On the Net:

National Infrastructure Protection Center: http://www.nipc.gov

Microsoft Security Patch:
http://www.microsoft.com/technet/security/bulletin/MS01-033.asp

Code Red technical data: http://www.digitalisland.net/coderedalert

=========================================

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *

ATOM RSS1 RSS2

RAVEN.UTC.EDU