{"id":4382,"date":"2001-09-19T23:32:46","date_gmt":"2001-09-20T03:32:46","guid":{"rendered":"http:\/\/www.ezrasf.com\/wplog\/?p=4382"},"modified":"2011-04-06T21:05:21","modified_gmt":"2011-04-07T01:05:21","slug":"nimda","status":"publish","type":"post","link":"https:\/\/www.ezrasf.com\/wplog\/2001\/09\/19\/nimda\/","title":{"rendered":"Nimda"},"content":{"rendered":"<p>Virus writers are evil. The latest,\u00c2\u00a0<a href=\"http:\/\/www.antivirus.com\/vinfo\/virusencyclo\/default5.asp?VName=PE_NIMDA.A\">Nimda<\/a>, is a really aggressive one. Look at some of the more successful viruses right now.<\/p>\n<p><a href=\"http:\/\/www.antivirus.com\/vinfo\/virusencyclo\/default5.asp?VName=TROJ_SIRCAM.A\">SirCam<\/a>,\u00c2\u00a0<a href=\"http:\/\/www.antivirus.com\/vinfo\/virusencyclo\/default5.asp?VName=PE_MAGISTR.DAM\">Magistr<\/a>,\u00c2\u00a0<a href=\"http:\/\/www.antivirus.com\/vinfo\/virusencyclo\/default5.asp?VName=VBS_LOVELETTER.A\">Loveletter<\/a>, and\u00c2\u00a0<a href=\"http:\/\/www.antivirus.com\/vinfo\/virusencyclo\/default5.asp?VName=TROJ_HYBRIS.M\">Hybris<\/a> are all on Trend&#8217;s top 10 list. All, including Nimda spread by email.<\/p>\n<p>Also, like\u00c2\u00a0<a href=\"http:\/\/www.antivirus.com\/vinfo\/virusencyclo\/default5.asp?VName=ELF_SADMIND.A\">sAdmind<\/a> (in the top 10) and\u00c2\u00a0<a href=\"http:\/\/www.antivirus.com\/vinfo\/virusencyclo\/default5.asp?VName=CODERED.C\">CodeRed II<\/a>, it hits Microsoft IIS servers.<\/p>\n<p>Like\u00c2\u00a0<a href=\"http:\/\/www.antivirus.com\/vinfo\/virusencyclo\/default5.asp?VName=TROJ_BYMER\">Bymer<\/a> it hits unprotected network shares.<\/p>\n<p>If you wanted an to write a paper on the most effective methods of computer viral transmission, the virus covers most of the bases. It sends an infected email, looks for nearby open network shares, infects every HTML document (so if the machine is a server it is distributing it to your visitors), scans for machines with the\u00c2\u00a0<a>Web Folder Transversal vulnerability<\/a>, and looks for a backdoor left by a CodeRed II infection. What did it miss? Uhhhhhh&#8230; a Word Macro?<\/p>\n<p>&#8211; &#8211; &#8211; &#8211; &#8211;<\/p>\n<p>Kicked off my machine. Only temporarily.<\/p>\n<p>Debating moving to Eudora. Seems like a good idea, but do I really want to risk it?<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Virus writers are evil. The latest,\u00c2\u00a0Nimda, is a really aggressive one. Look at some of the more successful viruses right now. SirCam,\u00c2\u00a0Magistr,\u00c2\u00a0Loveletter, and\u00c2\u00a0Hybris are all on Trend&#8217;s top 10 list. All, including Nimda spread by email. Also, like\u00c2\u00a0sAdmind (in the top 10) and\u00c2\u00a0CodeRed II, it hits Microsoft IIS servers. Like\u00c2\u00a0Bymer it hits unprotected network shares. [&hellip;]<\/p>\n","protected":false},"author":7,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"activitypub_content_warning":"","activitypub_content_visibility":"","activitypub_max_image_attachments":4,"activitypub_interaction_policy_quote":"anyone","activitypub_status":"","footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[1198,1213,621],"tags":[],"class_list":["post-4382","post","type-post","status-publish","format-standard","hentry","category-cybersecurity","category-from-pitas","category-microsoft"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/s1rUBW-nimda","jetpack-related-posts":[],"jetpack_likes_enabled":true,"_links":{"self":[{"href":"https:\/\/www.ezrasf.com\/wplog\/wp-json\/wp\/v2\/posts\/4382","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ezrasf.com\/wplog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ezrasf.com\/wplog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ezrasf.com\/wplog\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ezrasf.com\/wplog\/wp-json\/wp\/v2\/comments?post=4382"}],"version-history":[{"count":0,"href":"https:\/\/www.ezrasf.com\/wplog\/wp-json\/wp\/v2\/posts\/4382\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.ezrasf.com\/wplog\/wp-json\/wp\/v2\/media?parent=4382"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ezrasf.com\/wplog\/wp-json\/wp\/v2\/categories?post=4382"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ezrasf.com\/wplog\/wp-json\/wp\/v2\/tags?post=4382"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}