Because of the increased activity over the Internet, viruses and
worms have become serious pests. As the Internet advances, these
pests are becoming much more sophisticated. There capacity to
spread across the Internet in just a matter of hours can cause
serious floods of payloads to systems. One recent virus that
caused, and still is causing, an up-roar across the Internet is
the 'Nimda'.
What is Nimda?
Nimda is a computer virus appearing first on September 18, 2001
when it caused massive delays by creating huge amounts of
traffic as it spread across the Internet. Nimda has four main
attach mechanisms: web server to web server (IIS 4 / 5), to
desktops through an e-mail attachment called README.EXE or
ADMIN.DLL; browsing infected Web sites from Windows desktop or
server machines; and by shares across internal networks. Once an
internal machine is infected, it is possible for the virus to
spread to shared drives and machines.
Nimda is a 'resource hungry' virus that steals a lot of
bandwidth and in some cases results in a denial of service
effect. Nimda does not seem to damage or destroy any files
however it is known to be one of the most malicious viruses
created, because of the considerable amount of down time it
causes systems, resulting in a slow down to a loss of traffic.
The most affected industry is the 'web hosting' industry, where,
even though you may be protected from the immediate affects of
the virus, you still get 'hammered' by the residue, the excess
traffic produced from other non-protected systems on the
Internet.
Hence the industry result of this is a slow, to non-existent,
service; or even a shut down of servers, until all traffic is
attended to; causing great grief and many misunderstandings.
The name of this virus came from the reverse spelling of "admin"
apparently referring to the "admin.DLL" file that, when run,
propagates the virus.
About the author:
Written by Candice Humbley http://m6.net Fast, reliable and affordable Windows 2000 web farm hosting.
