What is the Nimda Virus...
Posted Thursday, June 17, 2004
Because of the increased activity over the Internet, viruses and worms have become serious pests. As the Internet advances, these pests are becoming much more sophisticated. There capacity to spread across the Internet in just a matter of hours can cause serious floods of payloads to systems. One recent virus that caused, and still is causing, an up-roar across the Internet is the 'Nimda'.
What is Nimda?
Nimda is a computer virus appearing first on September 18, 2001 when it caused massive delays by creating huge amounts of traffic as it spread across the Internet. Nimda has four main attach mechanisms: web server to web server (IIS 4 / 5), to desktops through an e-mail attachment called README.EXE or ADMIN.DLL; browsing infected Web sites from Windows desktop or server machines; and by shares across internal networks. Once an internal machine is infected, it is possible for the virus to spread to shared drives and machines.
Nimda is a 'resource hungry' virus that steals a lot of bandwidth and in some cases results in a denial of service effect. Nimda does not seem to damage or destroy any files however it is known to be one of the most malicious viruses created, because of the considerable amount of down time it causes systems, resulting in a slow down to a loss of traffic. The most affected industry is the 'web hosting' industry, where, even though you may be protected from the immediate affects of the virus, you still get 'hammered' by the residue, the excess traffic produced from other non-protected systems on the Internet.
Hence the industry result of this is a slow, to non-existent, service; or even a shut down of servers, until all traffic is attended to; causing great grief and many misunderstandings.
The name of this virus came from the reverse spelling of "admin" apparently referring to the "admin.DLL" file that, when run, propagates the virus.
About the Author
Written by Candice Humbley
Fast, reliable and affordable Windows 2000 web farm hosting. (http://m6.net)