
City, county computers successfully fight off virus

Pittsburgh was patched up against the "Code Red" computer worm that's wiggled its way into hundreds of thousands of Web servers around the globe in the last two days - a hacker's attempt to clog Internet traffic.



CERT (www.cert.org) is Carnegie Mellon's Web site that provides warnings.
National Infrastructure Protection Center (www.nipc.gov) is a Web site that provides warnings.
City and county agencies, local universities and several companies said Wednesday they escaped harm thanks to a downloadable Microsoft patch, software that closes a hole into which the viruslike worm burrows.

"We have 43 servers that could have been affected, and we put the patch on them or they've been turned off," said Per Madsen, chief information officer for Allegheny County.

The FBI's National Infrastructure Protection Center expected the Code Red worm that started at 8 p.m. Tuesday to infect nearly as many systems as it did on July 19, when more than 250,000 were attacked.

The SANS Institute, a computer security think tank working with the government to monitor the Internet, reported about 150,000 Internet-connected computers running Microsoft's NT or Windows 2000 operating system were affected as of last night.

The Pentagon had to shut down public access to many Defense Department Web sites again, a week after it shut down most military sites to protect against Code Red.

Experts at Carnegie Mellon University's Computer Emergency Response Team said it will be days before the extent of the damage is known.

"It appears the rate of compromised systems seems to be growing exponentially," said Chad Dougherty, an Internet security analyst at the CERT Coordinator Center, which works with the federal government on issues of Internet security.

"The nature of the worm is simply to spread to as many machines as possible. In the earlier versions it would deface Web pages. We won't know the full scope for several days."

CERT reported that the July 19 strain first attacked a vulnerability on Web sites running Microsoft's Internet Information Services software along with Microsoft Windows NT and Windows 2000.

Unlike a computer virus, which needs a person to help it spread, a worm infects other computers on its own. It does not affect most home computers.

Code Red is programmed to keep trying to infect computers until the 19th of the month. After that, it goes into attack mode, sending junk data to the White House's Web site.

Even though the White House moved its numerical Internet address last month to dodge the first outbreak, the attack may have the unintended effect of clogging the Internet and causing slowdowns.

Owners of infected computers can turn their computers off and on again to clear out the worm, but they still need to install Microsoft's patch to keep from being reinfected.

The FBI reported that more than 1 million people downloaded Microsoft's patch, and they found no signs of any infections among companies in the Pittsburgh region.

"We haven't seen any ill effects relative to the 'Code Red' virus," said Jon Rosenson, director of strategic initiatives for Stargate, the largest regional Internet service provider with 90,000 customers. "We patched several machines on our network and we haven't seen a problem at all."

Thousands of computers used by city and county government weren't affected either, thanks to the patch.

City computer experts applied the patch to eight vulnerable servers before the worm began its work on Tuesday.

"We were able to apply all the patches before anything happened," said Dave Stephens, chief information officer for the city.

Government officials and companies here also used monitoring software to detect the worm if it tried to infect their servers.

"The worm attempted to get in on July 19 and we had activity (on Tuesday) as well," said John Bezinger, vice president of information technology at FreeMarkets. "Our data center security feature is what kept it out."

Marc Lukasiak can be reached at mlukasiak@tribweb.com or (412) 320-7939. Staff writer Erik Siemers and The Associated Press contributed to this report.