Spacer Sidebar Directory Map

The Training Book, the handbook for trainers

Training Express computer learning guides

 

ITrain - International Association of Information Technology Trainers

Solaris & IIS At Risk

CERT warns of new Internet worm

ITINFO Sponsor

FastTips Newsletters

Having trouble keeping in touch with your clients? Not touching them at least twice a month?

FastTips newsletters are hard-hitting, to-the-point newsletters filled with useful computer tips & tricks.

Pre-printed with your company's name, address, and phone number, they'll keep your clients coming back for more.

Click for FastTips Newsletters for YOUR clients

Internet Poll
Have you attended a seminar via e-learning?
yes
no

poll archive

Worm Infects Microsoft IIS and Solaris Servers

by Dave Murphy
ISSN 1535-3613

Dave Murphy, DGL President & ITrain founder CERT, Carnegie Mellon University's Computer Emergency Response Team, has received numerous reports of a worm that infects servers running Sun Microsystems Solaris OS and Microsoft Internet Information Server (IIS).

The worm takes advantage of known security flaws in both servers' software to compromise systems and deface web pages, according to CERT, which has named the malicious code the "sadmind/IIS worm."

"We have received a very large number of reports of systems being compromised by the worm, both Solaris and IIS systems," said Chad Dougherty, Internet security analyst at CERT. "We started receiving reports early on Monday." The Solaris system is entered by using a 2-year-old buffer overflow vulnerability. Then a security hole that was uncovered seven months ago is used to break into the IIS system.

Once infected the Solaris system is used to scan and compromise other Solaris systems and IIS systems, CERT said.

Patches to both Sun's and Microsoft's software have been publicly available for quite a while. However, it's our experience that many network administrators don't make full efforts to secure their servers, even when patches are freely released and well documented.

Call for Comments

What do you think? Leave your comments on the message center.

References

CERT Advisory
Sun Microsystems
Microsoft
Message Center

Related Article

Microsoft IIS 5.0 Opens Security Hole in Windows 2000

Subscribe to ITINFO.
Receive computing and Internet news & tips
by subscribing to the ITINFO information service.
Type your Internet email address in the form, and click "Subscribe."
Email Address:

Damar Group, Ltd. helps business use technology.

ITINFO is again accepting sponsors. Sponsor messages are included in ITINFO's email newsletter and are permanently posted to DGL's website and online reference areas.

ITINFO is an electronic publication of Damar Group, Ltd., publisher of Training Express computer learning guides. Comments and submissions to info@dgl.com.

Previous issues are on our website at http://dgl.com/itinfo/.

updated May 8, 2001
http://dgl.com/itinfo/2001/it010508.html

Return to DGL homepage
Copyright © 2001, Damar Group, Ltd., All Rights Reserved