This advisory provides a method for blocking the Code Red worm at network ingress points using Network-Based Application Recognition (NBAR) and Access Control Lists (ACLs) within Cisco IOS® Software on Cisco routers. This solution should be used in conjunction with the recommended patches for IIS servers from Microsoft.
The first thing you should do to combat Code Red is apply the patch available from Microsoft (see links below). This protects vulnerable systems and removes the worm from an infected system. However, applying the patch to your servers only prevents the worm from infecting the servers, it does not stop the HTTP GET requests from hitting the servers. There is still the potential for the server to get bombarded with a flood of infection attempts.
Did you find this white paper useful?
3 out of 6 users found this white paper useful
Related white papers
Securing SMBs Against Spam and Virus Threats
This white paper from St. Bernard Software explains why spam and viruses are particularly tough to eliminate in small- and medium-sized businesses (SMBs) that can't dedicate IT staff to combating...
Trojan Defence: A Forensic View
The Trojan defence; “I didn’t do it, someone else did”– myth or reality? This two part article investigates the fascinating area of Trojan & network forensics and puts forward...
Gene Kim Presents "Surviving and Benefiting from an Audit" with Craig Morgan, Partner KPMG
An audit is a necessary and often painful event for many companies. As difficult as it is to imagine, it is possible to benefit from an audit. By understanding the...
The Real Cost of Spam
Unsolicited Commercial E-mail, or spam, is not just an annoying problem. It's a costly one. This paper examines the different cost impacts, both direct and indirect, that spam has on...
Learn the Newest Way to Secure Your Windows® Environment
Learn how to improve the security of your Microsoft® Windows® Environment! Shoring up network resources from both internal and external attacks is a priority of most IT organizations. Together new...
Sophos Email Security and Control - Free 30 Day Trial
Proactively block inbound and outbound threats with unrivaled effectiveness and simplicity, delivering high-capacity, high-availability gateway and groupware security.
Request your Free Trial Now!
Design Guide for F-Secure Anti-Virus
This Cisco Security Design Guide describes F-Secure Anti-Virus for Internet E-Mail (FSAVIM) version 5.0, the latest anti-virus gateway solution from F-Secure. This product is designed to cooperate with the Cisco...
