Internet Information Services

Last week, for the second week in a row, IIS administrators have had to face Code Red. More than a simple virus, Code Red could represent a new acceleration in the online virus war and shows that we may not be ready, as an industry, for the era of web services. A Rapid Epidemic Now that I’ve got your attention, let’s take a quick look at how Code Red spread. First of all, there was a simple buffer overflow problem in Microsoft Index Server, for which the company produced a patch. A month later, Code Red starting showing up. However, its rate of growth was relatively slow at the beginning. The true epidemic did not start until July 19th, when Code Red exploded onto the scene, increasing the number of infected servers from just around 300 at 00:15am to 2994 by 7:30am, over 30,000 by 14:40pm and over 300,000 in the 6 hours after that. In other words, in less than a day, Code Red went from a relatively small annoyance to a full blown attack on the net infrastructure. Had no one rung the bell on it, it would have taken only a couple of days for it to…