
SECURITY HOLE IN IIS SPREADS CODERED WORM

The CodeRed worm spreads by exploiting the .ida buffer overflow vulnerability in IIS Web servers. The worm will attack unprotected IIS servers. Web administrators are requested to install the security patch provided by Microsoft. The patch can be downloaded from http://www.microsoft.com/technet/security/bulletin/MS01-033.asp . After installing the patch, the server should be restarted to remove the active worm from memory.

The worm uses randomly generated IP addresses to spread. When the worm infects a vulnerable IIS server, it first creates 100 threads. It uses 99 of these threads to spread the worm, and the 100th thread checks whether it is running on an English (US) Windows NT/2000 system.

If the infected system is found to be an English (US) system, the worm proceeds to deface the infected system's website. The local web server's web page is changed to a message that says "Welcome to http://www.worm.com !, Hacked By Chinese!". The worm also creates a file "C:\networm" on the system. The worm includes code designed to flood www.whitehouse.gov.

This worm is also known as W32.CodeRed.mm, I-Worm/CodeRed, W32.Bady, TROJ_CODERED, W32.CodeRed.Worm.

How can I protect my system?

To protect your server from a CodeRed worm attack, web administrators are requested to install the security patch immediately. The patch can be downloaded from the following Microsoft link: http://www.microsoft.com/technet/security/bulletin/MS01-033.asp .

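
One way to check a server's web logs for the oversized .ida requests that this kind of overflow attack produces, as an added example that is not part of the original advisory. The W3C log field layout, the 200-character threshold, the /default.ida path and the sample log lines are assumptions constructed for illustration.

```python
from collections import Counter

# Assumption: a normal Index Server (.ida) query is short, so a very long one
# is treated as an overflow attempt. Tune the limit for your own site.
MAX_IDA_QUERY = 200

def parse_w3c(lines):
    """Yield one dict per request, using the log's own #Fields directive."""
    fields = []
    for line in lines:
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#"):
            values = line.split()
            if len(values) == len(fields):   # skip truncated or malformed rows
                yield dict(zip(fields, values))

def find_ida_probes(lines, max_query=MAX_IDA_QUERY):
    """Return requests for *.ida whose query string exceeds max_query."""
    probes = []
    for rec in parse_w3c(lines):
        stem = rec.get("cs-uri-stem", "").lower()
        query = rec.get("cs-uri-query", "-")
        if stem.endswith(".ida") and len(query) > max_query:
            probes.append(rec)
    return probes

def probes_by_source(probes):
    """Count probes per client IP; a random-scanning worm shows many sources."""
    return Counter(rec["c-ip"] for rec in probes)

# Constructed sample log (documentation-range IPs, filler instead of a payload).
SAMPLE_LOG = [
    "#Software: Microsoft Internet Information Services 5.0",
    "#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status",
    "2001-07-19 14:02:11 192.0.2.10 GET /index.html - 200",
    "2001-07-19 14:02:15 198.51.100.7 GET /default.ida " + "X" * 300 + " 200",
    "2001-07-19 14:02:16 192.0.2.10 GET /search.ida q=report 200",
    "2001-07-19 14:03:40 203.0.113.99 GET /default.ida " + "X" * 300 + " 200",
    "2001-07-19 14:03:41 198.51.100.7 GET /default.ida " + "X" * 300 + " 200",
    "2001-07-19 14:04:02 192.0.2.10 GET /broken",
]

if __name__ == "__main__":
    for ip, count in probes_by_source(find_ida_probes(SAMPLE_LOG)).most_common():
        print(f"{ip}\t{count} oversized .ida request(s)")
```

A hit shows that the server was probed, not that it was infected; a patched server logs the same requests.
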
How to protect your system from other viruses?

A free download of the FireLite [1100KB] version is also available to detect viruses in your system. Scan your system using the FireLite version. If you find any virus, use the registered version of Fire to remove it. To get the registered version of Fire, call us at 044-28170440 or mail to service@fireav.com or purchase Fire online using

[Analysis: Mr. Ramesh, Mr. X.Albert, Prognet Technologies Pvt. Ltd, July 2001]
