Viruses: The Code Red Worm


Years from now, we will all look back on the summer of 2001 as one of the strangest summers in the history of the internet. We will surely laugh at the frantic gyrations of system administrators and security professionals because of a worm called "Code Red". We system administrators will most certainly chuckle as we fondly reminisce on the late evenings spent patching server after server at the urging of our security professionals. And hey, that blue screen or two that resulted was so much fun to research, and the reinstalls that we had to do the next day will certainly be the topic of campfire conversations for years to come! Not!

During late July and early August, Microsoft, CERT (Computer Emergency Response Team) and the FBI issued emergency bulletins urging all system administrators to patch their web servers immediately. The press was alerted and asked to help spread the word that the internet itself was in extreme danger.
Every security and antivirus company on the planet was busy sending out notices to everyone they could find that the problem had to be fixed immediately, or dire consequences would result.

The predictions were that internet speed would be reduced to a crawl for days while billions (trillions?) of meaningless packets were thrown at the White House web site in an attempt to knock it off the air.

What was the cause of this three-ring circus?

It's very simple really. The same old story. Microsoft had a bug in their web server code. Well, saying they had a bug dramatically understates the magnitude of the problem.

To put it into perspective, let's say you hired a contractor to build a new bank (you are the bank manager). Naturally, your bank is outfitted with state of the art technology (so says the brochure), including a shiny, well-publicized security system. The project was expensive, but you're happy because, hey, it's the new, improved, extra special XP bank. Besides, the contractor is the biggest one on the planet and, frankly, you paid them an exorbitant rate to ensure that you got the best there was.

After your bank is robbed, you find out that the contractor had "accidentally" left an eight foot hole in the right wall. This isn't just a small hole, it's a huge, gaping crevice leading directly to the vault. It's in plain view to everyone, except, seemingly, the contractor. When you confront the contractor to ask them how they could do such a stupid thing, they politely tell you, after a three hour wait on hold and a $295 charge on your credit card, that it's really your fault because you didn't follow the instructions in their special security bulletin two months ago. Didn't you send a couple of your employees to the BSE (Bank Systems Engineer) classes to learn that they need to purchase the extra-special, super spectacular BankNet knowledgebase CDs?

Okay, all kidding and sarcasm aside, there is a bug in the Indexing service (the component that creates searchable indexes) in the Microsoft Internet Information Server (the program which displays web pages on a web server) which is supplied with Windows NT and Windows 2000. This bug allows anyone who can send a special string of characters to a web server to "take control" and, basically, cause the web server to do anything that the attacker desires.

The bug is something commonly known as a "buffer overflow", which simply means you can send more characters to the web server than it is capable of receiving.
When a program receives characters it writes them to memory in a place called a buffer. If a poorly written program receives more characters than it is designed to handle, it will, under special conditions, cause the extra characters to be executed with the program's privileges.

To put it very simply, it was discovered that you could cause the Indexing Service to "overflow its buffers" and execute selected code as a privileged user. This allows a special hacker program (which is reported to have required all of a half hour to write) to gain control of a server.

You have to understand that buffer overflows are nothing new to the world of computing. In fact, I am sure that the first programmer is also the first person to experience this condition. This is well known to competent quality control departments, programmers, designers and, of course, hackers.

To put it bluntly, buffer overflows should not occur in any program written by any programmer who has passed "programming 102". In addition, any quality assurance person who has taken "quality control 101" should be able to check for and spot the problem from a mile away.

All right already, so what is the infamous Code Red worm?

Code Red is a clever little program which takes advantage of this gaping hole in the Index Server. What the program does is search for systems with the flaw. It's easy to find those systems and Code Red is very good at its job. So good, in fact, that in early August 2001 it is estimated that it infected over 300,000 machines!

Once the worm finds a machine, it executes the buffer overflow condition and causes itself to be installed on the machine. Remember the Wrath of Khan movie where the beetle with the big pincers crawled into Chekov's ear? It's something like that.

Once the bug got into his brain, oh sorry ...
once the worm has installed itself it does a number of different things depending upon the day of the month. Some days near the beginning of a month it will search for new systems to infect. Towards the middle the worms will all launch an attack against the White House web site. At the end of the month, all of these malicious little programs will sleep, waiting for the next month.

Interestingly, the Code Red worm has a couple of small flaws. First, its attack is directed at a single IP address. Thus, during the first waves of attacks in July the White House "dodged the bullet" by simply changing their address.

Second, the worm only installs itself in memory. This means it's simply a matter of rebooting the server to rid it of the pesky infection. Of course, if you don't install the patch (a fix to repair the problem, conceptually like the piece of rubber used to patch a hole in a tire), it's just a matter of time until your system gets infected again.

Naturally, a new worm called "Code Red II" has been reported in the wild, and almost certainly does not include these flaws. Hopefully system administrators will comply and install their patches so their systems will not be assimilated into the Code Red and Code Red II attacks.

Source: Free Articles from ArticlesFactory.com
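
The buffer overflow explained in this article, as an added example that is not part of the original article and is not IIS or Indexing Service code: a fixed 16-character receive buffer sits directly in front of a flag the program trusts, and one extra character sent through an unchecked copy overwrites that flag, while a length-checked copy rejects the input. The struct, function names and sizes are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define QUERY_MAX 16
/* Constructed layout (hypothetical, not IIS code): a fixed receive buffer
   sitting directly in front of state the program trusts. */
struct request {
    char query[QUERY_MAX];
    unsigned char privileged;              /* 0 = ordinary request */
};

/* Unchecked receive: copies as many bytes as the sender supplied. The copy
   is clamped to the struct so the spill stays well defined for this demo. */
void receive_unchecked(struct request *r, const char *data, size_t len)
{
    if (len > sizeof *r)
        len = sizeof *r;
    memcpy((unsigned char *)r, data, len);
}

/* Checked receive: refuses input that does not fit and changes nothing. */
int receive_checked(struct request *r, const char *data, size_t len)
{
    if (len >= sizeof r->query)
        return -1;
    memcpy(r->query, data, len);
    r->query[len] = '\0';
    return 0;
}

/* Sends QUERY_MAX + 1 bytes of 'A' and reports what `privileged` holds. */
int privileged_after(int use_checked)
{
    struct request r;
    char input[QUERY_MAX + 1];
    memset(&r, 0, sizeof r);
    memset(input, 'A', sizeof input);
    if (use_checked)
        (void)receive_checked(&r, input, sizeof input);
    else
        receive_unchecked(&r, input, sizeof input);
    return r.privileged;
}

int main(void)
{
    printf("unchecked: 0x%02x  checked: 0x%02x\n", privileged_after(0), privileged_after(1));
    return 0;
}
```

With the unchecked copy the seventeenth character lands in `privileged`; with the checked copy the request is refused and the flag keeps its original value.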
