A minimum of eight servers operated by America Online's Netscape Communications division have been infected with the Code Red worm, according to independent intrusion monitoring services.
Published:
18 August 2001 y., Saturday
The compromised systems, all with Internet addresses registered to Netscape, have probed dozens of healthy computers nearby in the past few days, in an attempt to spread the Code Red infection.
At least six of the Netscape systems were still infected today. None of the machines responded to connection requests. Service to Netscape's homepage and other online services appeared unaffected by the malicious, self-propagating worm, as did the Internet properties of its parent, AOL.
Netscape officials did not reply to interview requests.
The infiltration of Netscape's network by Code Red comes as the Federal Bureau of Investigation issued a caution today about the original version of the worm. According to the FBI, Code Red I will commence a second denial of service attack against an IP address assigned to the Web site operated by the White House at 8:00 p.m. Eastern, Sunday August 19.
Log file entries created by at least one of the infected Netscape servers indicate the machine has been compromised by the latest, more dangerous variant of the worm, known as Code Red II, according to Jay Dyson, an independent security consultant.
Many of the worms' probes were recorded by system administrators who participate in MyNetWatchman, a free service that compiles firewall log files from computer operators and automatically escalates serious intrusions to the proper authorities.
Code Red II, and its predecessor, Code Red I, both target vulnerable Windows systems running Microsoft's Internet Information Server (IIS) software.
Šaltinis:
newsbytes.com
Copying, publishing, announcing any information from the News.lt portal without written permission of News.lt editorial office is prohibited.