- Joined
- Aug 27, 2001
- Messages
- 511
- Reaction score
- 0
As if we don't have enough problems, I got this from my pre-med advisor this morning:
From AMCAS (9/19/01)
Yesterday, we sent a message to the medical schools to alert them to
an
internet Virus attack on the AAMC's IT infrastructure. The text of that
message is below. The infrastructure team has been dealing aggressively
with continued virus problems resulting from yesterday's attack. We
evidently did not get all security holes patched or our patches were
hacked. These are getting knocked out, but we are experiencing
performance problems as a result. We will keep constituents posted on
our progress in resolving all issues related to the virus attack.
*************************************************
What:
A new Code Red Worm variant (a self-replicating Internet virus that
attacks Microsoft web servers) has spread widely onto AAMC's
infrastructure - internally and at Exodus.
When:
We have tested the fix for the worm and will be implementing it today
starting with our production infrastructure at Exodus. Implementation
is beginning as I write this. We hope to have the external production
servers "clean" by the end of the evening and returned to full
operation. Internal web servers will take longer to "clean" and at
least one (INET430 - internal Cold Fusion development) has been damaged
sufficiently that it will have to reinstalled.
Effects:
The load and performance of Web application servers (running Microsoft
IIS and Cold Fusion) will be very poor. Some constituents will lose
their connections to these servers as we take them down to clean the
worm and block its reestablishment. AMCAS (including DTU), CurrMIT,
Find-a-Resident, NRMP, Cybercash and various survey software
applications will be adversely affected.
Other Information:
See http://www.incidents.org/
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From AMCAS (9/19/01)
The battle with the red worm internet virus continues.....
What:
AAMC's offsite production NT web servers(hosted at Exodus) have been
shutdown to prevent them from attacking other sites on the Internet. We
have received complaints from other organizations of our sites attacking
their sites..creating potential legal liability for the Association.
Our attempts to clean the Nimda Worm have met with limited success.
Effects:
AMCAS, CurrMIT, Find-a-Resident, NRMP, Epayment and various survey
software applications will be unavailable to constituents during this
outage.
The main AAMC web site is unaffected by this Worm and will include
messages to constituents regarding our condition. In addition,
constituents that access the above applications directly should receive
systems unavailability messages that briefly explain our situation.
Other Information:
We are working non-stop on implementing software that will actively
protect our NT servers from this Worm and prevent them from attacking
other sites. The full solution will, likely, require reinstalling NT
and all software on all servers in production in Exodus (as well as many
NT systems here).
From AMCAS (9/19/01)
Yesterday, we sent a message to the medical schools to alert them to
an
internet Virus attack on the AAMC's IT infrastructure. The text of that
message is below. The infrastructure team has been dealing aggressively
with continued virus problems resulting from yesterday's attack. We
evidently did not get all security holes patched or our patches were
hacked. These are getting knocked out, but we are experiencing
performance problems as a result. We will keep constituents posted on
our progress in resolving all issues related to the virus attack.
*************************************************
What:
A new Code Red Worm variant (a self-replicating Internet virus that
attacks Microsoft web servers) has spread widely onto AAMC's
infrastructure - internally and at Exodus.
When:
We have tested the fix for the worm and will be implementing it today
starting with our production infrastructure at Exodus. Implementation
is beginning as I write this. We hope to have the external production
servers "clean" by the end of the evening and returned to full
operation. Internal web servers will take longer to "clean" and at
least one (INET430 - internal Cold Fusion development) has been damaged
sufficiently that it will have to reinstalled.
Effects:
The load and performance of Web application servers (running Microsoft
IIS and Cold Fusion) will be very poor. Some constituents will lose
their connections to these servers as we take them down to clean the
worm and block its reestablishment. AMCAS (including DTU), CurrMIT,
Find-a-Resident, NRMP, Cybercash and various survey software
applications will be adversely affected.
Other Information:
See http://www.incidents.org/
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From AMCAS (9/19/01)
The battle with the red worm internet virus continues.....
What:
AAMC's offsite production NT web servers(hosted at Exodus) have been
shutdown to prevent them from attacking other sites on the Internet. We
have received complaints from other organizations of our sites attacking
their sites..creating potential legal liability for the Association.
Our attempts to clean the Nimda Worm have met with limited success.
Effects:
AMCAS, CurrMIT, Find-a-Resident, NRMP, Epayment and various survey
software applications will be unavailable to constituents during this
outage.
The main AAMC web site is unaffected by this Worm and will include
messages to constituents regarding our condition. In addition,
constituents that access the above applications directly should receive
systems unavailability messages that briefly explain our situation.
Other Information:
We are working non-stop on implementing software that will actively
protect our NT servers from this Worm and prevent them from attacking
other sites. The full solution will, likely, require reinstalling NT
and all software on all servers in production in Exodus (as well as many
NT systems here).