NT security of lack of it. Check out this site on NT security. Not very flattering about Microsoft. I have read and met people that tried it out. It works. The website is a bit slow. http://www.l0pht.com/l0phtcrack ICSA.net
My point of view.This is a very nimble and fast virus. It exploits security holes in Internet Explorer and Internet Information Server (IIS). Its effect or damage is more widespread than other virii, because it is a combined mixture of VBS and IIS-targeted viruses. As such it caught quite a few IT organisations with their pants down. Some IT departments don't patch IIS intranet servers. As the chance of an employee hacking and internal web site is rare. Not much fun to boot. The Nimda virus, send it self as an Outlook mail to unsuspecting users. When activated, it scans for internal unpatched IIS servers and uses these servers as means for further infection. Any user with an unpatched Internet Explorer will be infected and process continues. Naturally, even if you have done all of the above, some enterprising virus writer will find a hole some where. So you will need to hold up your anti-virus shield and hope they come up with an update before the virus reaches you.So how to get yourself out of this viscous cycle of patch chasing? I propose the following:.
1. Stop using IIS as a Web and FTP server. If you are using it as Transaction server, remember to stop the default web. All web servers are need to be monitored for vulnerability. The question to ask do you want to test and install a patch once every 2 weeks or 2 months? Click here
2. Stop using Internet Explorer. Don't get me wrong, IE is a great browser (dynamic switching between connections, in browser viewing for Office documents), but it is simply not secure. Click on this link for more information.With the above 2 measures in place, you should be able to weather the storm better while waiting for the anti-virus vendors to come up with an update.
Modified on 1 Oct 2001
|About me Contact me|