Cases
Study: Code Red. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G.
Hogle.
http://sfsecurity.pr.erau.edu
What happened?
•The
Code Red worm exploited a buffer overflow in Microsoft’s IIS server, defaced web sites on English-language servers,
and made a failed attempt at a denial-of-service
attack on www.whitehouse.gov.
•The
Code Red II worm exploited the very same vulnerability, except it installed a back door designed to make your entire hard
drive available to attackers over the
Internet.
•Between
the two worms, about 800,000 machines infected and an estimated $2.5 billion in damages, lost productivity, and
clean-up costs.