Return-Path: <sentto-279987-2622-1002077514-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Tue, 02 Oct 2001 19:53:16 -0700 (PDT) Received: (qmail 27946 invoked by uid 510); 3 Oct 2001 02:52:00 -0000 Received: from n11.groups.yahoo.com (216.115.96.61) by 204.181.12.215 with SMTP; 3 Oct 2001 02:52:00 -0000 X-eGroups-Return: sentto-279987-2622-1002077514-fc=all.net@returns.onelist.com Received: from [10.1.4.52] by n11.groups.yahoo.com with NNFMP; 03 Oct 2001 02:51:54 -0000 X-Sender: fc@big.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-7_4_1); 3 Oct 2001 02:51:54 -0000 Received: (qmail 79136 invoked from network); 3 Oct 2001 02:51:53 -0000 Received: from unknown (10.1.10.27) by m8.onelist.org with QMQP; 3 Oct 2001 02:51:53 -0000 Received: from unknown (HELO big.all.net) (65.0.156.78) by mta2 with SMTP; 3 Oct 2001 02:51:53 -0000 Received: (from fc@localhost) by big.all.net (8.9.3/8.7.3) id TAA10194 for iwar@onelist.com; Tue, 2 Oct 2001 19:51:53 -0700 Message-Id: <200110030251.TAA10194@big.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL1] From: Fred Cohen <fc@all.net> Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Tue, 2 Oct 2001 19:51:53 -0700 (PDT) Reply-To: iwar@yahoogroups.com Subject: [iwar] [fc:Nimda.Virus.Lingers.on.House,.Senate.Computers] Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Nimda Virus Lingers on House, Senate Computers Ben Pershing, AntiOnline, 10/2/2001 <a href="http://www.antionline.com/showthread.php?threadid=116076">http://www.antionline.com/showthread.php?threadid=116076> The "Nimda Worm" computer virus has wreaked havoc on Capitol Hill over the past two weeks, infecting dozens of workstations and even forcing the Senate to shut down several of its most vital systems. The virus, which transmits itself through e-mail and the Internet, hit between 40 and 50 House offices and spawned several "mutant" versions that required Congressional tech staffers to work overtime to update anti-virus software. "This virus was a little more sophisticated in terms of spreading in multiple modes," said Reynold Schweickhardt, director of technology for the House Administration Committee. "As of [Thursday] night we still had about 24 offices that had one or more infections. I think we reached the high-water mark [Thursday], and I think we're going to be victorious." The virus caused the Senate to shut down its Web-based e-mail system and its file transfer protocol system for a time the week before last. It is not clear what other damage Nimda did on that side of the Capitol. The Office of the Sergeant-at-Arms, which oversees the Senate's computer systems, did not return calls seeking comment. According to an alert put out by the Computer Emergency Response Team Coordination Center at Carnegie Mellon University, the Nimda Worm can be spread via e-mail as well as by visiting "compromised" Web sites. Infected e-mails often come with an attachment labeled "readme.exe," which, if opened, will automatically gather addresses from the user's address book and begin sending out new messages. If left unchecked, the worm will repeat this process every 10 days. If a user whose computer has been infected visits a Web site, other users connected to the same server can pick up the virus when they visit the same site. In the House, many users picked up Nimda by reading The Washington Post online. The worm can infect users of several versions of Microsoft Internet Explorer, the most commonly used browser in Hill offices. Nimda is only the latest in a series of e-mail-borne viruses that have plagued the Hill in recent years. The "Melissa" virus first struck Congressional offices in 1999, though both the House and Senate were able to avert serious problems by halting the spread of the bug early. A new strain of Melissa reared its head in March 2000, but after some initial confusion, its spread was again stopped. In May 2000 the more damaging "Love Bug" virus tore its way through Hill computers as staffers eagerly opened messages titled "I LOVEYOU." The virus forced Rep. Jay Inslee's (D-Wash.) office to shut down its server temporarily. (C) 2001 Roll Call. via ProQuest Information and Learning Company; All Rights Reserved ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-12-31 20:59:53 PST