I cannot fully agree. We have always kept up with patches supplied by MS.
The only one that was not applied in time was the last patch issued on the
fateful day of Sept. 11. Patches were downloaded but not installed for
various reasons - what happened on that day that affected all of the free
world, and personal medical problems (hospitalization). We had installed
all patches before that, and many have said that if anybody had patched for
Code Red then you would be OK - we were hit! 3143 infected files, able to
delete 940 files, repair 1752 files, but are left with over 500 files that
no one knows how to fix as of this date and time, a damaged Explorer.exe and
asp.dll - our websites run on ASP files. Approx. 50 web sites that require
repairs to .asp, .html, and .htm files.
I got our IMail server back up and running, although 1 file is still
infected that cannot be repaired. But it does not seem to be affecting
much. Much work lies ahead to fully repair our servers - if they can be.
Overburdened IT staff, in most companies, cannot keep up with all that needs
done. Patches, such as this, are just added to the list of "things to do".
Solutions? More expense, hardware firewalls, stronger and more costly
anti-virus software installed, additional IT staff to keep up with patches,
updates, and ..... the list goes on. It is indeed the greatest IT challenge
ever faced. Companies of any consequence now require a full-time IT
security employee with authority to utilize an "immediate expense" budget -
with today's cyber attacks there is no time for a meeting to discuss what
has to be spent and why.
This is the first time I have ever been caught by any virus or worm
(business or personal) - and I've been around for a long time. You feel
defeated and embarrassed that it could have happened to you.
James Cousineau
VP Marketing and IT Management
[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
Barrie - Canada 705.722.3674
"Home is where I hang my @"
--------------------------------------------------------
CareerTek.org Inc. www.careertek.org <http://www.careertek.org>
170 Attwell Dr., Suite 640
Toronto, ON Canada M9W 5Z5
Toll Free 866.679.8688
Tel: 416.679.8688 Fax: 416.679.8684
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Slade
Sent: Wednesday, September 19, 2001 10:28 AM
To: [EMAIL PROTECTED]
Subject: RE: [imail] Nimda Virus
The issue that allows the exploit was addressed by Microsoft in October
of 2000. If people would keep up on hot fixes, critical updates, and
service packs, people wouldn't would minimize the issues caused these
Trojans that use back doors in Windows that have already been fixed.
To ENSURE that you have ALL of the hot fixes for your system installed
and applied, please visit the following URL and run the scanner. This
will work for Windows NT 4, 2000 Pro, Server, and Advanced Server.
http://www.microsoft.com/technet/mpsa/start.asp
Run the scanner and it will tell you what hotfixes you're missing.
Sincerely... Slade @ Here, Inc.
______________________________________________________________________
The HKSI-IMail Admin List is hosted by........ Humankind Systems, Inc.
Questions, Comments or Complain like Hell.. mailto:[EMAIL PROTECTED]
Message Archive... http://www.tallylist.com/archives/index.cfm/mlist.4
To Manage your Subscription......... http://humankindsystems.com/lists
