Ten years on from Nimda: Worm author still at large
Saturday marks the tenth anniversary of the infamous Nimda worm. Nimda (admin spelled backwards) was a hybrid worm that spread via infected email attachments and across websites running vulnerable versions of Microsoft's IIS web server software. Specifically the malware exploited a folder traversal vulnerability, which was …
Worms...
Yes, now we have Conficker, Stuxnet, et al.
I liked Nimda, though, it was clever.
And I'd argue that at least half the reason people started using browser exploits was because of the notorious ease of heap sprays, and because of the dawn of the Java plugin.
Dontcha mean...
...Microsoft's counteroffer in the plugin space, the "access all areas" ActiveX?
Don't forget Google
And their Native Client, thus ensuring I will never use Chrome again. You'd think of all people, they'd know better. But apparently, they Know Better and no one can teach them otherwise.
Bad request
Your browser sent a request that this server could not understand.
Now that I have spent ten years in hiding perfecting my Nimda worm, it is time to perfect the delivery vehicle. Sharks, with frikkin laser beams on their heads.
Don't panic!
I am not panicking and I am calling homeland security.
*ahem*
Sir, we couldn't get the sharks. They're protected.
Hmm
It exploited a vulnerability in some MS software. Where have I heard that before?
Remember it well...
Although it was Code Red which caused all the trouble for my company.
Luckily it was so unsubtle in its attempt to spread that we noticed the impact on the internal LAN performance and started investigating.
The boss was so freaked out that he basically handed us techies a blank cheque to make sure nothing like this happened again and we finally got the multiple zone firewall we had been asking for.
When Nimda joined shortly afterwards we were able to sit back and watch its attempts on the website logs. I remember still seeing attempts turning up in the logs only a few months ago!
On the plus side...
Whilst the numerous worms did some damage, they did have the effect of teaching Microsoft about security. Prior to that time, security was very much an add-on optional extra.
Following the outbreak ISTR Gartner came off the fence and recommended that nobody implement IIS. This stung Microsoft so badly that they pulled Longhorn (which was probably going to be called XP Server) and had a root & branch code review, sending all their developers on security courses.
Ten years on, servers and workstations are far more secure by default. Security configuration is turned on its head where you have to have knowledge to turn it off, not as it used to be where you need to be an expert to turn it on.
So maybe the authors of Nimda were being cruel to be kind?
For Alien Life in LOVE* ..... and an Alien LOVE Life XSSXXXX CodedD for Dangerous and Volatile.
"Ten years on, servers and workstations are far more secure by default. Security configuration is turned on its head where you have to have knowledge to turn it off, not as it used to be where you need to be an expert to turn it on"
Have you any idea how beautifully dangerous that it is and how vulnerable it renders you to remote virtual control of human machinery, with Perfectly Anonymous Legionnaires.
*Live Operational Virtual Environments
Control CyberSpace Administer Everything is a Simple Concept Easily Doable. Have you something Easily Doable which can be added into AI as a Fabulous Attraction .......and Valued Prize Asset in a SMARTer MetaDataBase Mining Operation for MegaPowerful Source Core Lode to Novel Drivers in LOVE ..... with Command and Control and Sublime Administration.
Of course he's still at large
It's not like he murdered anyone or was caught doing something even more serious like sharing music files right?
Nobody with money got their feelings hurt, so nobody (that can do anything) cares...
meh...
There were millions of dollars/pounds spent worldwide fixing the problem that he caused. Having said that, your post reads like a hissy-fit teenager, so I don't expect you to understand that taking servers down can cost money in terms of money not made. I, however, remember a lot of overtime being done at the company I worked for at the time, in order to resolve the problems caused.
Oh, and don't say it was MS' fault, they may have written the software with the bug, the author of the code is responsible for the exploitation of the problem.
Here, let me lend you my dictionary.
sarcasm (sar·casm). noun /ˈsärˌkazəm/
1. The use of irony to mock or convey contempt
* - his voice, hardened by sarcasm, could not hide his resentment
This one & the ILOVEYOU...
... got me a shed load of overtime back in the day :)
Indeed
They filled the overtime gulf left after Y2K.
Good time$$$$$
Nimda? Help get rid of n00b Windows admins
There were so many crappy Windows admins out there at the time, I remember, that that was a wake-up call for a lot of businesses ... at the time I was working for Symantec and some calls we would get from admins were hilarious ... seriously, most had no feckin' idea!
All these photoshop guru wannabees turned domain admins! An MCSE is still only a proof of cretinism in most "serious" businesses, you have to have "serious" admin certifications, like UNIX or GNU Linux ...
Symantec you say...
Well you're right there then ar kid.
They mustn't have any idea at all...
them were the days...
MCSE == Must Consult Someone Experienced
@Alfie
> MCSE == Must Consult Someone Experienced
I always liked "Minesweeper Consultant and Solitaire Expert".
// YIK, there are probably some for the Linux equivalents as well
