Code Red worm
On July 19, 2001 a computer worm affecting Microsoft's Internet Information Server (IIS) web server was unleashed on the Internet. It soon became known as Code Red, named after the Mountain Dew soft drink by the programmers at eEye who reported it. This worm exploited a vulnerability in the indexing software distributed with IIS and did several things:
- It defaced the affected web site to display:
- "HELLO! Welcome to http://www.worm.com! Hacked By Chinese!" (The last phrase became a stock phrase)
- It tried to spread itself by looking for more IIS servers on the Internet.
- It waited 20-27 days after it was installed to launch denial of service attacks on several fixed IP addresses. The IP address of the White House web server was among those.
- It used the pattern NNNNNNNN...
On August 4, 2001, a variant of the Code Red worm, named Code Red II, appeared. It pseudo-randomly chose targets on the same or different subnets as the infected machines according to a fixed probability distribution, favoring targets on its own subnet more often than not, and it used the pattern XXXXXXXX... instead of NNNNNNNN...
See Also
Referenced By
Computer insecurity | Hacked By Chinese | Hacked By Chinese! | List of Internet topics | List of computing topics | Notable computer viruses | Notable computer viruses and worms | SQL Slammer | SQL slammer worm | W32.SQLExp.Worm
|
