The IT Law Wiki
Don't have an account?
Register
Register

Editing Blended attack

Back to page
Edit
Edit Page
Blended attack
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.

The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.

Latest revision Your text
Line 9: Line 9:
 
* '''E-mail.''' When a [[user]] on a [[vulnerable]] [[host]] opened an [[infected]] [[e-mail attachment]], [[Nimda]] exploited a [[vulnerability]] in the [[Web browser]] used to display [[HTML]]-based [[e-mail]]. After [[infect]]ing the [[host]], [[Nimda]] then looked for [[e-mail address]]es on the [[host]] and then sent copies of itself to those [[Email address|addresses]].
 
* '''E-mail.''' When a [[user]] on a [[vulnerable]] [[host]] opened an [[infected]] [[e-mail attachment]], [[Nimda]] exploited a [[vulnerability]] in the [[Web browser]] used to display [[HTML]]-based [[e-mail]]. After [[infect]]ing the [[host]], [[Nimda]] then looked for [[e-mail address]]es on the [[host]] and then sent copies of itself to those [[Email address|addresses]].
   
βˆ’
* '''Windows shares.''' [[Nimda]] [[scan]]ned [[host]]s for unsecured [[Windows]] [[file]] shares; it then used NetBIOS as a transport mechanism to [[infect]] [[file]]s on that [[host]]. If a [[user]] [[run|ran]] an [[infected file]], this would activate [[Nimda]] on that [[host]].
+
* '''Windows Shares.''' [[Nimda]] [[scan]]ned [[host]]s for unsecured [[Windows]] [[file]] shares; it then used NetBIOS as a transport mechanism to [[infect]] [[file]]s on that [[host]]. If a [[user]] [[run|ran]] an [[infected file]], this would activate [[Nimda]] on that [[host]].
   
βˆ’
* '''Web servers.''' [[Nimda]] [[scan]]ned [[Web server]]s, looking for known [[vulnerabilities]] in Microsoft Internet Information Services (IIS). If it found a [[vulnerable]] [[server]], it attempted to [[transfer]] a copy of itself to the [[server]] and to [[infect]] the [[server]] and its [[file]]s.
 +
* '''Web Servers.''' [[Nimda]] [[scan]]ned [[Web server]]s, looking for known [[vulnerabilities]] in Microsoft Internet Information Services (IIS). If it found a [[vulnerable]] [[server]], it attempted to [[transfer]] a copy of itself to the [[server]] and to [[infect]] the [[server]] and its [[file]]s.
   
βˆ’
* '''Web clients.''' If a [[vulnerable]] [[Web client]] visited a [[Web server]] that had been [[infect]]ed by [[Nimda]], the client's [[workstation]] would become [[infect]]ed.
 +
* '''Web Clients.''' If a [[vulnerable]] [[Web client]] visited a [[Web server]] that had been [[infect]]ed by [[Nimda]], the client's [[workstation]] would become [[infect]]ed.
   
 
In addition to using the methods described above, blended attacks can spread through such services as [[instant messaging]] and [[peer-to-peer]] [[file sharing]]. Many instances of blended attacks, like [[Nimda]], are incorrectly referred to as [[worm]]s because they have some [[worm]] characteristics. In fact, [[Nimda]] has characteristics of [[virus]]es, [[worm]]s, and malicious [[mobile code]].
  
In addition to using the methods described above, blended attacks can spread through such services as [[instant messaging]] and [[peer-to-peer]] [[file sharing]]. Many instances of blended attacks, like [[Nimda]], are incorrectly referred to as [[worm]]s because they have some [[worm]] characteristics. In fact, [[Nimda]] has characteristics of [[virus]]es, [[worm]]s, and malicious [[mobile code]].
Please note that all contributions to the The IT Law Wiki are considered to be released under the CC-BY-SA
Cancel Editing help (opens in new window)