Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Full analysis of the .ida "Code Red" worm - solve the problem

From: Frank Steinert <Frank.Steinert () protime de>
Date: Fri, 20 Jul 2001 14:47:09 +0200
To protect your IIS against it you can do this:

Remove the ".ida" entries in ISAPI-assignments of each site. There for you
can use the management console -> basic directory -> (application settings)
-> configuration.

A simple other way is to remove idq.dll from your system32 directory, if you
don't use the index server.


Since we've done this, our servers are immune.


* 
* Frank Steinert
* mailto:Frank.Steinert () protime de
* http://www.protime.de
*
* proTime GmbH
* Josef-von-Fraunhofer-Str. 9
* D-83209 Prien
* Tel: 08051-6916-25
* Fax: 08051-6916-11
*
Previous By Date Next
Previous By Thread Next

Current thread: