Nimda Worm Poses Triple Threat: Page 2

Posted September 21, 2001

Jim Freund

(Page 2 of 2)

As mentioned, each of these delivery methods have been used before, but what makes Nimda so potentially dangerous is this blended form of attack. Symantec's Ruchman advises that any network managers who have armed themselves with the latest virus definitions and the most current vulnerability management tools ready to be deployed, should be able to take care of the individual threats that this blended approach of delivery entails. Of course if you have set up firewalls, filtering at the gateway level and basic intrusion detection systems, the likelihood is that you shan't be struck at all.

An Ounce of Prevention

As is always the case, taking precautions before trouble strikes is always your best protection. Make sure that you are using the latest patches and updates for your servers, gateways, e-mail clients, and security-related software. Use a firewall and/or filters to assess incoming mail attachments. Be sure to educate your users about attachments and executables, and don't forget to mention that many files can be suspect no matter what their filename extension may be or what icon is displayed.

Don't allow software defaults to rule your decisions. *Never* allow e-mail clients or browsers launch executables automatically. Be certain you know which computers on your network have Network Share turned on, or any kind of peer-to-peer capabilities enabled.

Here are some patches and software you need to be aware of:
(updated 9/20/01)

Jim Freund is the Managing Editor of CrossNodes, where this article first appeared.

Page 2 of 2

Previous Page
1 2

0 Comments (click to add your comment)
Comment and Contribute


(Maximum characters: 1200). You have characters left.



IT Management Daily
Don't miss an article. Subscribe to our newsletter below.

By submitting your information, you agree that datamation.com may send you Datamation offers via email, phone and text message, as well as email offers about other products and services that Datamation believes may be of interest to you. Datamation will process your information in accordance with the Quinstreet Privacy Policy.