A Virus called Nimda

Greetings everyone--

Just found out our server got hit by the nimda virus, so I did some research on it. Has anyone else been hit? I'm happy to say we're downloading a patch for it, but the virus can cause a decent amount of damage so if anyone needs info on it there are some alerts here:

http://www.hdgroup.com/virusalerts.html

Lauren


Perception is Reality. Interested in shaping a better one for your company? Click here.

Yup....it knocked out my virtual server company in Ft Lauderdale. I have 22 sites on it. They got it back on line this morn but...hard to FTP stuff and sloooowww....as is ALL of the Internet.

This one is supposed to have a "cute" feature. Heretofore, to keep from infecting your PC with a virus, you just had to NOT OPEN any attachments. This one will attack when you simply click on the message. AND...it will also attack visitors to websites hosted by an infected server.

Cute.

2 things I'm doing;
1) Going to "Opera" as a browser. The hackers are "after" Microsoft products so I want to drop MSIE...and I was going to use Netscape 4.7 (6.1 STILL has too many bugs) but a few people told me about Opera...so I'll try that.

2) I'm "spreading" my exposure by placing my sites on 3 or 4 different virtual servers instead of one.

THIS should be considered, "ELECTRONIC" Terrorism and we should be going after the iniators just as hard because they to want to destroy our country.

"United We Stand"......Don Alm (American)

> Greetings everyone--

> Just found out our server got hit by the
> nimda virus, so I did some research on it.
> Has anyone else been hit? I'm happy to say
> we're downloading a patch for it, but the
> virus can cause a decent amount of damage so
> if anyone needs info on it there are some
> alerts here:

> http://www.hdgroup.com/virusalerts.html
> Lauren




Some of my Unique Business Programs

Wow, this is a terrible virus....

Unlike other viruses in the past, Nimda has 4 different ways it can spread itself....

It spreads by
[*]Sending itself as an email attachment[*]Appending Javascript code to Web pages that will download the worm to Web surfers' PCs when they view the page[*]Copying itself to shared disk drives on internal networks[*]Scanning for and infecting vulnerable web servers running Microsoft's Internet Information Server software.


How can you protect yourself?

One danger is with email, don't open strange attachments.... If you use Microsoft's Outlook program, apparently the program can open itself automatically in some way. I don't use Outlook, but what I read is that you can set the security on Outlook to "high" (DON'T have it set "low") and there are also security patches available from Microsoft. (I don't use Outlook -- anyone else have any other suggestions here?)

(I use a program called "Pine" hosted on a Unix account for my email -- which is kind of "primitive" way to read email in many ways, but at least it's very safe from virus attacks.)

Apparently the virus can also spread using Javascript from web pages -- that is, you can get it just by surfing! The way to protect yourself against this is to disable Javascript on your browser.... How to do this for Internet Explorer and Netscape is given on this page http://www.cudenver.edu/dislink.html

If you use Opera (an alternative to Internet Explorer and Netscape), go to
File -> Preferences -> Plugins
then uncheck the box for Enable JavaScript.

By the way, a lot of web pages use Javascript so some pages may not work correctly when you do this. However, at least your computer will be safe.... (You could re-enable Javascript later on if you want to.)

If your web sites have been affected, if you have the option I'd recommend moving to servers which run on Unix systems (rather than those using Microsoft software). Sowpub is hosted on a Unix-based server, which I chose because Unix-systems are generally more stable and secure....

I hope nobody is too badly affected.... Another side-effect of the Nimda virus is that it's slowed down the internet....

- Dien Rice


Here's another informative article on the Nimda virus....