WEB_IIS CodeRed v2 root.exe access

 

Code: p1177

Severity: Warning

 

Description: This event is generated when an attempt is made to access the root.exe executable on a web server.

Impact: This activity is indicative of a CodeRed worm infection.

Corrective: If root.exe exists in the filesystem of the web server, remove the machine from the network and follow the vendor's recommended method for cleaning and repairing the damage done by this particular worm. Apply the appropriate vendor-supplied patches. Upgrade to the latest non-affected version of the software.
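
Added example (not part of the original signature entry): a Python triage of IIS W3C logs that separates root.exe requests the server rejected from those it answered. The log lines, paths and function names are constructed for illustration, and reading a 2xx status as a sign that root.exe is present is an assumption to confirm on the filesystem.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Constructed IIS W3C extended log lines (not from a real server).
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 5.0
#Fields: date time c-ip cs-method cs-uri-stem sc-status
2001-08-06 10:01:12 192.0.2.10 GET /scripts/root.exe 404
2001-08-06 10:01:13 192.0.2.10 GET /MSADC/Root.exe 200
2001-08-06 10:02:40 198.51.100.7 GET /scripts/%72oot.exe 404
2001-08-06 10:03:05 203.0.113.5 GET /docs/root.exe.html 200
2001-08-06 10:03:09 203.0.113.5 GET /default.htm 200
"""

# Match only when the final path segment is exactly root.exe, in any case.
ROOT_EXE = re.compile(r"(?:^|/)root\.exe$", re.IGNORECASE)

def triage(log_text):
    """Return {client_ip: {"probe": n, "served": n}} for root.exe requests."""
    fields = []
    hits = defaultdict(lambda: {"probe": 0, "served": 0})
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]  # column names for the rows that follow
            continue
        if not line or line.startswith("#") or not fields:
            continue
        row = dict(zip(fields, line.split()))
        # Decode %xx escapes and normalise backslashes before matching.
        stem = unquote(row.get("cs-uri-stem", "")).replace("\\", "/")
        if not ROOT_EXE.search(stem):
            continue
        # Assumption: a 2xx status means the server found and ran the file.
        status = row.get("sc-status", "")
        kind = "served" if status.startswith("2") else "probe"
        hits[row.get("c-ip", "?")][kind] += 1
    return dict(hits)

def server_needs_isolation(hits):
    """True if any root.exe request was answered with a 2xx status."""
    return any(h["served"] for h in hits.values())

if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for ip, counts in sorted(result.items()):
        print(ip, counts)
    print("isolate server:", server_needs_isolation(result))
```

A host with only "probe" entries was scanned by an infected machine elsewhere; any "served" entry points to the Corrective steps above.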