Bad coincidence: New worm virus plagues the Net

Bad coincidence: New worm virus plagues the Net

A week after terrorist attacks in New York and Washington, the Internet came under fire from a fast-spreading, mass-mailer worm that replicates itself several ways.

The CERT Coordination Center began receiving reports Sept. 18 of a massive increase in port 80 scanning. They were followed by reports of the Nimda ('admin' spelled backwards) worm, which arrived in e-mail messages with the attachment readme.exe.

Opening the e-mail triggered the worm, or it sometimes executed automatically by exploiting a vulnerability in Microsoft Outlook. It then sent itself to a recipient's mail list with a random subject line.

The worm also went after Microsoft Internet Information Server installations, defacing Web sites in the process. Visitors to such sites could get the worm on their systems.

Stephen Northcutt of the SANS Institute of Bethesda, Md., said the worm apparently is unconnected to terrorist attacks. 'If it had happened the morning of Sept. 11, we'd have had to come up with a different story,' he said.

About the Author

William Jackson is a Maryland-based freelance writer.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected