Vectors & Interfaces
The networking specialist
 About Vectors & Interfaces Network support services Useful resources PC News Contact The support specialist Support Guide


3rd Apr 2003 

Nimda Virus CODE RED Style Attacks are increasing

Seem to be seeing an increasing amount of CODE RED and Nimda virus attacks on my web server. Do not know if these are compromised machines or not.

I just do a NET SEND ipadd Your system is infected with CODERED/Nimda virus, pls clean up your system to the IP address of the compromised machine to inform them. If it is a hacker then is just to tell them to buzz off.

It even crash IIS on some of the patched NT4 servers on SP6A. IIS services keep stopping even after rebooting as long as there is probing from infected machines. To resolve this problem, it is recommended to remove all .ida/.idq mappings.

It is also strongly advised to remove idq.dll from all the IIS machines facing this problem. It is also advisable to install the IIS lockdown tools which consist of URL scan that filters out very long web request intended to crash IIS from these zombie machines.


Please click here to return to the main page.


We can also be contact during regular office hours 0900-1800 hr GMT+8 Singapore Time at :

Tel: 63365033

HP: 96964648

Thank you for your interest.