Edit Page
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 9: | Line 9: | ||
* '''E-mail.''' When a [[user]] on a [[vulnerable]] [[host]] opened an [[infected]] [[e-mail attachment]], [[Nimda]] exploited a [[vulnerability]] in the [[Web browser]] used to display [[HTML]]-based [[e-mail]]. After [[infect]]ing the [[host]], [[Nimda]] then looked for [[e-mail address]]es on the [[host]] and then sent copies of itself to those [[Email address|addresses]]. |
* '''E-mail.''' When a [[user]] on a [[vulnerable]] [[host]] opened an [[infected]] [[e-mail attachment]], [[Nimda]] exploited a [[vulnerability]] in the [[Web browser]] used to display [[HTML]]-based [[e-mail]]. After [[infect]]ing the [[host]], [[Nimda]] then looked for [[e-mail address]]es on the [[host]] and then sent copies of itself to those [[Email address|addresses]]. |
||
β | * '''Windows |
+ | * '''Windows Shares.''' [[Nimda]] [[scan]]ned [[host]]s for unsecured [[Windows]] [[file]] shares; it then used NetBIOS as a transport mechanism to [[infect]] [[file]]s on that [[host]]. If a [[user]] [[run|ran]] an [[infected file]], this would activate [[Nimda]] on that [[host]]. |
β | * '''Web |
+ | * '''Web Servers.''' [[Nimda]] [[scan]]ned [[Web server]]s, looking for known [[vulnerabilities]] in Microsoft Internet Information Services (IIS). If it found a [[vulnerable]] [[server]], it attempted to [[transfer]] a copy of itself to the [[server]] and to [[infect]] the [[server]] and its [[file]]s. |
β | * '''Web |
+ | * '''Web Clients.''' If a [[vulnerable]] [[Web client]] visited a [[Web server]] that had been [[infect]]ed by [[Nimda]], the client's [[workstation]] would become [[infect]]ed. |
In addition to using the methods described above, blended attacks can spread through such services as [[instant messaging]] and [[peer-to-peer]] [[file sharing]]. Many instances of blended attacks, like [[Nimda]], are incorrectly referred to as [[worm]]s because they have some [[worm]] characteristics. In fact, [[Nimda]] has characteristics of [[virus]]es, [[worm]]s, and malicious [[mobile code]]. |
In addition to using the methods described above, blended attacks can spread through such services as [[instant messaging]] and [[peer-to-peer]] [[file sharing]]. Many instances of blended attacks, like [[Nimda]], are incorrectly referred to as [[worm]]s because they have some [[worm]] characteristics. In fact, [[Nimda]] has characteristics of [[virus]]es, [[worm]]s, and malicious [[mobile code]]. |