Results 1 to 2 of 2

Thread: Code Red worm

  1. #1
    New Lounger
    Join Date
    Jan 2001
    Posts
    16
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Code Red worm

    I've read all the Microsoft material as well as Woody's on this subject but still have an unanswered question. We are running Win NT 4.0 but do not have a web site or Internet Information Service, or receive and respond to external web requests, so I concluded that we are not vulnerable to Code Red. However, we do use Proxy Server to handle client requests for web access, and I noticed from the Proxy Server Manager that we are running IIS, without which Proxy Server does not function. My question is whether this causes us to be vulnerable to Code Red? So far we have had no problem. Thanks for you help.

    Ernie

  2. #2
    Uranium Lounger
    Join Date
    Jan 2001
    Location
    Cincinnati, Ohio, USA
    Posts
    7,089
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Code Red worm

    If you have a system running IIS and have not applied the patch, you are vulnerable.

    If IIS services are not running then the vulnerability doesn't exist. The worm exploits a hole in that particular piece of software. So patch up your gateway, by all means.....<A target="_blank" HREF=http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS01-033.asp>Microsoft's write-up</A> tells you exactly what is affected and you can download the patch from there.
    -Mark

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •