Red Worm vs. RTM Worm

Anyway, I’ve been hearing the hysteria over Red Worm.

WIll any damage this cause be worse than the infamous RTM worm way back in 1988? I remember that one because I couldn’t get into any of my newsgroups or email on my ancient VAX terminals at college.

Any thoughts? Anyone? Anyone?

Phouchg

Code Red Worm or Red (Adore) Worm?

Either way, it’ll be nothing by comparison to the RTM Worm. The RTM hit at a time when Internet security was essentially non-existant, at a time when there were very few (relatively speaking) servers connected to the 'net, and it infected about 10% of those servers, causing much caos. Code Red may infect perhaps 0.1% of the servers on the 'net, if people are really slack in keeping up with security.

Code Red is a tempest in a teapot. The Red (Adore) Worm is even less important.

If OP meant Code Red, as someone that has actually been hit by it, let me say that its really lame, as far as worms go.

  1. It assumes your directory structure is the same as the default for WinNT (i.e. your system directory is winnt, located three folders above wwwroot, etc).
  2. It assumes that IUSR_machine can write to the wwwroot directory, which (on my machine, at least) it couldn’t.
  3. The only effect anyone’s reported besides defacing is a D.O.S attack being launched through port 80. No corrupting boot sectors, no data grabs, no stabs at the user file. How boring!
    Overall, I’d say its less threatening than even the email viruses that went out a few years back.

Well, it’s a little more involved than that (you forgot to mention the White House DOS attack).

Really the main worry on the DOS attack is not that the White House site goes down but that the attack causes major net congestion. Can’t wait to see the copycat variants on this one!