Code Red worm

On July 19, 2001 a computer worm affecting Microsoft's Internet Information Server (IIS) web server was unleashed on the Internet. It soon became known as Code Red, named after the Mountain Dew soft drink by the programmers at who reported it. This worm exploited a vulnerability in the indexing software distributed with IIS and did several things:

It defaced the affected web site to display:
"HELLO! Welcome to http://www.worm.com! Hacked By Chinese!" (The last phrase became a stock phrase)
It tried to spread itself by looking for more IIS servers on the Internet.
It waited 20-27 days after it was installed to launch denial of service attacks on several fixed IP addresses. The IP address of the White House web server was among those.
It used the pattern NNNNNNNN...

On August 4, 2001, a variant of the Code Red worm, named Code Red II, appeared. It pseudo-randomly chose targets on the same or different subnets as the infected machines according to a fixed probability distribution, favoring targets on its own subnet more often than not, and it used the pattern XXXXXXXX... instead of NNNNNNNN...

[Top]


View Live Article	This article is from Wikipedia. All text is available under the terms of the GNU Free Documentation License

Code Red worm

See Also