Internet Insider with David Radin
Internet Insider
Listen/Station List
Show Highlights
Guest List
Free Insider Tip Letter
Talk Back
The Insider Team
The WOW
The Stellar List
The Insider Tip
Internet Insider Home

Insider Extras
Insider In-Depth
Insider Tip Letter
Step Up to the Mic
Insider Archives
Insider Guides
The Anti-Virus Page
The Megabyte

Outside the Studio
Our Sponsors
To Sponsor or Advertise
Broadcast the Show
Bookstore
Press Room
Editorial Submissions
Employment
FAQ
Link to Us
Site Map
About Us
Insider Radio Home

Click here to hear great short radio shows, learn helpful computer ideas or subscribe to David's Tip Letter
Insider Radio Network
July 31, 2001
Code Red
The "Code Red" worm spreads fast and has the possibility of wreaking wide spread havoc on the Internet - enough damage to knock out portions of the Internet if not dealt with. The worm infects a system, uses that system to infect other systems, then turns it attention to the White House web site as an attacker (denial of service attack). It defaces web pages on the infected systems. Once a defaced web page has been up for 10 hours, the worm lies dormant, making the system manager think that the worm is no longer a problem. Nothing can be farther from the truth.

The worm turns on automatically on the first of each month, attacks the White House on the 20th, then turns off until the first of the next month. Someone has rewritten the worm so it can become even more threatening than the first version.

What to Do:

The "Code Red" worm attacks only systems using Microsoft's IIS (Internet Information Server), not end user systems. If you are responsible for such a server, you can download a patch from Microsoft to inoculate your server, but you need to re-boot your server to remove the worm. If the worm seems to have disappeared without a re-boot, you may still be in trouble on the next go-round.

End users worried about the worm infecting their desktop or laptop systems should turn their attentions elsewhere. "Code Red" will not infect Windows or Mac desktop operating systems, only systems running Microsoft's IIS Server. So you don't need to install any patches or change your system in any way. However, it can affect you by affecting the servers you attempt to reach on the Internet - by creating so much traffic that it will bring whole sections of the Net down. So you can do your part by helping to get the word out to the people who do operate Microsoft IIS Servers.

If you are an end user in a company that has a web server, forward this email to your system manager so he or she can install the patch and remove the worm. If you know people who operate such servers (or you think you know people), forward this email to them too.

More instructions at http://www.symantec.com/avcenter/venc/data/codered.worm.html

Why Such A Hub-bub?

There are over 6 million servers that are susceptible to the "Code Red" worm. As of this writing, only 400,000 software patches have been downloaded from Microsoft. So there are still over 5 million unprotected servers. This is a total community problem, because the "Code Red" worm can affect your ability to use the Internet, whether it affects your computer - because it can bring down portions of the net quickly. In one recent day, it infected over 300,000 servers. With the revisions recently made, the pace is likely to get faster - and reach more servers worldwide.

As always, we will continue to help alert you to virus threats - both in this anti-virus section and via email, through our Insider TipLetter. Subscribe here. (Free)

Copyright © 2000, Internet Radio Corporation