AOA Forums AOA Forums AOA Forums Folding For Team 45 AOA Files Home Front Page Become an AOA Subscriber! UserCP Calendar Memberlist FAQ Search Forum Home


Go Back   AOA Forums > Hardware > CRASHED!

CRASHED! A topic for SEVERE and immediate Hardware and Operating System FAILURES. We will try to get you up again. NOT for Optimization questions!


Reply
 
LinkBack Thread Tools Rate Thread
  #1 (permalink)  
Old 12th November, 2001, 04:13 AM
Member
 
Join Date: October 2001
Location: Central Illinois
Posts: 89
Send a message via AIM to SEiZe Send a message via Yahoo to SEiZe

Exclamation Nimda got me

I am running two Win2k servers (yeah i know, poor me) and I got that wonderful Nimda virus today on one of my servers around 4:00pm CST. It infected 1204 out of 53004 files in a 2 minute time period. Good thing that I turned IIS and my modem off quickly. Right now I am rescanning my PC and having it remove Nimda from those files.

I wish that people would stop sending viruses out. It gets really annoying sometimes. Lucky for me, I keep updating my virus scanners and use them all the time. Nimda like to make more files named .eml and place them all over your server's directories.

Moral of this story is patch your servers, don't run IIS (switch to Appache), and don't trust .NET
__________________
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #2 (permalink)  
Old 12th November, 2001, 07:43 AM
cloasters's Avatar
Asst. BBS Administrator
 
Join Date: September 2001
Location: Location, Location
Posts: 21,871

After seeing part of the the log of an AV prog that tried to get Nimda out of a Win2K box, I wish you good luck. The guy that posted the log had no choice but to wipe his HDD. Chances are that you'll have to do the same. SBT.

While Linux and Apache are not impervious most, ahem, people that write viruses go for bang for their buck--in a manner of speaking. MS's "Enterprise" software(BBB has nerve, I'll give him that)shouts, nay screams to the world--"Please, wreck my day!"

Good luck adapting Linux to your serving needs. It's not all that difficult, and you'll become a tiny target. Rather than a four storey tall bullseye!
__________________
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #3 (permalink)  
Old 12th November, 2001, 01:47 PM
Member
 
Join Date: October 2001
Location: Central Illinois
Posts: 89
Send a message via AIM to SEiZe Send a message via Yahoo to SEiZe

I took a while (8+ hours), but i finally got rid of Nimda. I scanned five machines last night and downloaded and installed too many patches. Nimda is gone off of my servers. whew
__________________
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #4 (permalink)  
Old 13th November, 2001, 01:51 AM
cloasters's Avatar
Asst. BBS Administrator
 
Join Date: September 2001
Location: Location, Location
Posts: 21,871

Yaay! Glad to read that you vanquished the %&*@^&!
__________________
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #5 (permalink)  
Old 13th November, 2001, 02:03 AM
Member
 
Join Date: October 2001
Location: Central Illinois
Posts: 89
Send a message via AIM to SEiZe Send a message via Yahoo to SEiZe

I just can't believe how fast it infects files. 1204 in one minute is alot, of course it was running on a PII 350 w/ 288MB PC100 RAM. Another thing, it was the new NimdaII virii which has copyrights included in the coding.
__________________
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #6 (permalink)  
Old 13th November, 2001, 04:02 AM
SJAXKINGPIN's Avatar
Member
 
Join Date: October 2001
Location: Central IL.
Posts: 149
Send a message via Yahoo to SJAXKINGPIN

Good Work Soldier. I've heard many people actually needing to wipe their drives to get rid of NIMBDAII. It's likely the still infected/yet undetected machines out there that haven't been given the 8hrs. of TLC you gave that keep these virii in the loop.
__________________
AthlonXP 2000+ Thanks XPPCENTRAL @ 1812 mhz
Epox 8KHA+
3/4GB Crucial PC2100
2-WD 100GB 7200rpm Drives
Geforce 2 GTS 32mb Waiting for my Ti4400
SB Audigy

Dual PIII 933mhz Server
1/2 GB PC133
2-9.1gb 7200RPM Ultrastars
1-WD 1200Jb 120gb 8mb 7200RPM
40gb 7200 RPM Maxtor
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #7 (permalink)  
Old 13th November, 2001, 03:54 PM
Member
 
Join Date: October 2001
Location: Central Illinois
Posts: 89
Send a message via AIM to SEiZe Send a message via Yahoo to SEiZe

That was the first virii that I had even gotten on any of my machines. I squashed it now I am going to backup everything just in case it happens again. Next time I will just reload completely.
__________________
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #8 (permalink)  
Old 21st November, 2001, 03:17 AM
286 Rocks's Avatar
Member
 
Join Date: September 2001
Posts: 33
Send a message via AIM to 286 Rocks

My parents had nimda on their Duron 700 Win98 machine. I tried to fix it for a good hour or two. But every time I did a scan, It would come back saying its fixed 2000 or so files and my system was clean. Did a scan 1/2 hour later says Nimda has infected 4000 files. After that I said screw it threw their outlook folder on my computer and did a full format. I just have no patience for things like that.
__________________
--------- There are 3 types of people in this world, those that can count and those that can't---------
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #9 (permalink)  
Old 21st November, 2001, 04:02 AM
Banned
 
Join Date: September 2001
Posts: 5,957

I got hit hard with the first one... machine worked one minute, refused to boot the next .

Reinstalling and zonealarm helped

Router helped more.

Then the motherboard died.

Reinstalling and zonealarm didn't stop that
__________________
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT +1. The time now is 02:49 AM.


Copyright ©2001 - 2010, AOA Forums
Don't Click Here Don't Click Here Either

Search Engine Friendly URLs by vBSEO 3.3.0