Problem solve Get help with specific problems with your technologies, process and projects.

Protecting your Web server from Nimda

User Charles Banas offers this tip for securing your Web server against Nimda.

Protecting your Web server from Nimda

This tip was submitted to the searchSecurity Tip Exchange by user Charles Banas. Let other users know how useful it is by rating the tip below.

The Web security tip titled Protecting the Web server is something I wish I had access to (or had realized) before I went to work today.

You see, my company was hit with the new Nimda worm. It uses several IIS exploits, including one that we discovered only too late: TFTP. It uploads its core code as Admin.dll and executes that DLL file from the root directory on the main (C:) drive. If we hadn't had TFTP enabled, (it is by default) we never would have had much of a problem with this worm.

Thank God for the services file in %systemroot/system32/drivers/etc/services! Specifially, the line we changed was: TFTP 69/udp
to: TFTP 0/udp

(Oh, man I hate IIS...)

This was last published in September 2001

Dig Deeper on Web Server Threats and Countermeasures



Find more PRO+ content and other member only offers, here.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.







  • CIO Trends #6: Nordics

    In this e-guide, read how the High North and Baltic Sea collaboration is about to undergo a serious and redefining makeover to ...

  • CIO Trends #6: Middle East

    In this e-guide we look at the role of information technology as the Arabian Gulf commits billions of dollars to building more ...

  • CIO Trends #6: Benelux

    In this e-guide, read about the Netherlands' coalition government's four year plan which includes the term 'cyber' no fewer than ...