Cases
Study: Code Red. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G.
Hogle.
http://sfsecurity.pr.erau.edu
What happened?
•The Code Red worm exploited a buffer overflow in Microsoft’s IIS server, defaced web sites
on English-language servers, and made a failed attempt at a
denial-of-service attack on www.whitehouse.gov.
•The Code Red II worm exploited the very same vulnerability, except it installed a back door
designed to make your entire hard drive available to attackers over the
Internet.
•Between the two worms, about 800,000 machines infected and an estimated $2.5 billion in
damages, lost productivity, and clean-up costs.