For those of you who have firewalls, I'm sure you've noticed the outrageous amount of incoming alerts you've gotten today. NIMDA is pinging desktops and servers whether or not you've got IIS installed. I've deflected over 200 incoming alerts today alone on my desktop. You'll also notice that the majority of the incoming attempts are probably very close to your ISP's IP address.
Although only Windows systems are affected, this time this worm includes Windows desktops, servers, etc., whether running IIS or not (unlike Code Red). Viewing a page from an infected IIS server may be enough to infect a desktop system, because of the applet the virus launches. The "swiss army knife" analogy in the article below is really good. Of course, regardless of the OS you use, the collateral damage is still high in terms of the high level of traffic this thing is producing.
Full article.
Please post comments on this subject in the existing thread.
Thanks.
AnandTech Moderator
Although only Windows systems are affected, this time this worm includes Windows desktops, servers, etc., whether running IIS or not (unlike Code Red). Viewing a page from an infected IIS server may be enough to infect a desktop system, because of the applet the virus launches. The "swiss army knife" analogy in the article below is really good. Of course, regardless of the OS you use, the collateral damage is still high in terms of the high level of traffic this thing is producing.
Full article.
Please post comments on this subject in the existing thread.
Thanks.
AnandTech Moderator
Facebook
Twitter