Code Red

Many and various were the trials and tribulations of people trying to get their connections up and running recently. David Dorn finds out why

By now, most folks will have heard of the CodeRed 'worm' which has been instrumental in causing system operators all over the world to apply security patches to their Web servers. And, of course, where malicious hackers have one taste of success, they produce new versions and variants to counter the measures that have been put in place against the original.

According to Computer Associates, the CodeRed worm is a self-propagating malicious computer program. Unlike previous versions, this new variant manipulates system settings, and installs and launches a Trojan version of Windows File Explorer. This can leave the infected computer open to remote connections, making it possible for files to be accessed and stolen.

According to a preliminary analysis by CA's eTrust global antivirus researchers, the new variant affects Microsoft Windows 2000 systems running Microsoft Internet Information Server (IIS). CA urges IIS administrators to immediately apply the software patch issued by Microsoft that addresses the known vulnerability exploited by this and previous versions of the CodeRed worm. Visit http://ca.com/virusinfo/virusalert.htm#CodeRed for additional information and links to software patches.

So, that's what it is, but why would that have affected a great many people's efforts to get online during the evening of 13th of August? Simple. One of the biggest suppliers of connectivity in the UK had been hit, reportedly, by CodeRed.

Symptoms of the failure, as far as we users are concerned, were as follows: You'd dial up easily enough. The other end would answer. You'd get a wait - perhaps a very long wait, depending on your timeout, and then your connection would be rejected by the other end.

This happened, it seems, particularly on 0808 dialup numbers, and would have particularly affected BTAnytime subscribers.

What some of us find difficult to understand is how any ISP can find itself under attack from CodeRed. Its existence has been widely reported; even Microsoft has issued bulletins to its customers strongly advising that they patch their systems, and news wires - those carried by ISPs particularly - have been full of stories concerning the dreaded worm.

You'd have thought, would you not, that everyone likely to be affected would have battened down the hatches as tight as a very tight thing.

It seems not!

Oh, just in case you're wondering, no, the ISP in question was not AOL.

David Dorn
