Nimda


Also found in: Wikipedia.

Nimda

An extremely effective denial-of-service worm that takes advantage of numerous security loopholes in Microsoft's Web server (IIS) and browser (IE) software. Meaning "admin" backwards, Nimda usurps disk space in both clients and servers by depositing unwanted files in local folders and network shares and attaching itself to executables.

Nimda infects vulnerable IIS servers by adding a line of JavaScript to common Web pages that, when browsed by any user on a client machine, cause a virus file (README.EXE) within an Outlook .EML file to be downloaded and executed automatically. Users must have Outlook installed for this bizarre event to work. Introduced in September 2001 and affecting more than a million machines, Nimda propagates to other servers via FTP and to other users by using its own SMTP forwarding engine to send the virus to all the mail recipients that it finds. It also makes the hard disks in the server sharable for anyone. Nimda-A was the first release of the virus and uses README.EXE and README.EML files. Nimda-B, released shortly thereafter, uses PUTA!!.SCR and PUTA!!.EML files instead. See Web Server Folder Traversal and MIME exploit.
References in periodicals archive ?
Nimda (also known as the Concept Virus) appeared in September 2001, attacking tens of thousands of servers and hundreds of thousands of PCs.
Although this appears to be a new attack, however it is similar to the classic old-school mass-mailing viruses like Nimda, Melissa and the Anna Kournikova virus from 2001.
This appears to be a new attack, however is similar to the classic old-school mass-mailing viruses like Nimda, Melissa and the Anna Kournikova virus from 2001.
SCC no longer struggles with viruses such as the NIMDA worm, which in 2001 wreaked havoc on numerous organizations throughout the world.
For instance: <p>* NIMDA virus compromised over 86,000 internet hosts (Source: SANS Institute)<p>* Code Red - 359,000 servers in less than 14 hours (Source: CAIDA)<p>The cost of these security breaches is typically high and will adversely impact the business revenue model of an organization.
A decir del directivo, lo importante de esta cifra no es su crecimiento sino la forma en como se esta llevando, pues el codigo tiene categoria de acuerdo con su poder de infeccion, como Sircam, Nimda o Codigo Rojo, que eran categoria 3, 4 o 5.
Historically the MSRT utility was created to clean up instances of worm infections from the likes of Nimda, but its role has expanded over the years to include attempts to control the spread of the Storm worm (Trojan) and beyond.
A market research firm estimated that Nimda caused $530 million in damages after only one week of propagation.
2001: Ramen, Sadmind, Sircam, Code Red II, Nimda and Klez all appear.
Full of examples and illustrations, this edition contains more than 170 new countermeasures; patching the top 75 hack attacks for UNIX and Windows; cleanup and prevention of malicious code, including Myparty, Goner, Sircam, BadTrans, Nimda, and many more; and Tiger Surf 2.0 Intrusion Defense (full suite single license).
This technology makes it possible to stop infections of the types caused by malware such as BugBear, Nimda, Klez, SirCam or LoveLetter, even if these have not previously been identified.
Linux has nothing that can compare with Nimda, Code Red, Blaster or SQL Slammer either for virulence or for the global damage that they caused.