Just in case you're running an IIS. > -----Original Message----- > From: The SANS Institute > Sent: Sunday, July 29, 2001 7:50 PM > To: Ronneil Camara > Subject: SANS Security Alert. Code Red Is Set to Come Storming Back! > > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > > SANS Security Alert. Code Red Is Set to Come Storming Back! > > SANS, Microsoft, the NIPC, CERT/CC and four other leading security > organizations released the following alert today (Sunday, January 29) > at 4 pm. EDT. > > > A Very Real and Present Threat to the Internet: July 31 Deadline > For Action > > Summary: The Code Red Worm and mutations of the worm pose a continued > and serious threat to Internet users. Immediate action is required > to combat this threat. Users who have deployed software that is > vulnerable to the worm (Microsoft IIS Versions 4.0 and 5.0) must > install, if they have not done so already, a vital security patch. > > How Big Is The Problem? On July 19, the Code Red worm infected more > than 250,000 systems in just 9 hours. The worm scans the Internet, > identifies vulnerable systems, and infects these systems by installing > itself. Each newly installed worm joins all the others causing > the rate of scanning to grow rapidly. This uncontrolled growth in > scanning directly decreases the speed of the Internet and can cause > sporadic but widespread outages among all types of systems. Code Red > is likely to start spreading again on July 31st, 2001 8:00 PM EDT and > has mutated so that it may be even more dangerous. This spread has > the potential to disrupt business and personal use of the Internet > for applications such as electronic commerce, email and entertainment. > > Who Must Act? Every organization or person who has Windows NT or > Windows 2000 systems AND the IIS web server software may be > vulnerable. > IIS is installed automatically for many applications. If you are not > certain, follow the instructions attached to determine whether you > are running IIS 4.0 or 5.0. If you are using Windows 95, Windows 98, > or Windows Me, there is no action that you need to take in response > to this alert. > > What To Do If You Are Vulnerable? > > a. To rid your machine of the current worm, reboot your computer. > b. To protect your system from re-infection: Install Microsoft's > patch for the Code Red vulnerability problem: > Windows NT version 4.0: > http://www.microsoft.com/Downloads/Release.asp?ReleaseID=30833 > Windows 2000 Professional, Server and Advanced Server: > http://www.microsoft.com/Downloads/Release.asp?ReleaseID=30800 > > Step-by-step instructions for these actions are posted at > www.digitalisland.net/codered > > Microsoft's description of the patch and its installation, and the > vulnerability it addresses is posted at: > http://www.microsoft.com/technet/treeview/default.asp?url= > /technet/security/bulletin/MS01-033.asp > > Because of the importance of this threat, this alert is being made > jointly by: > > Microsoft > The National Infrastructure Protection Center > Federal Computer Incident Response Center (FedCIRC) > Information Technology Association of America (ITAA) > CERT Coordination Center > SANS Institute > Internet Security Systems > Internet Security Alliance > > > > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.0.6 (GNU/Linux) > Comment: For info see http://www.gnupg.org > > iD8DBQE7ZHA1+LUG5KFpTkYRAr3wAJ9Qbm7xQRylXGHwXnBKtyz1n0mN6QCeN6xN > Ss2P7G4lgD2goLm70RDIKGc= > =i8ro > -----END PGP SIGNATURE----- > _ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
