|
|
||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||
| Editions | myCNN | Video | Audio | Headline News Brief | Feedback |  |
![[CNN.com]](http://i.cnn.net/cnn/images/newsnet/cnnlogo.gray.gif){kind=small} TOP STORIESN. Y. plans to heal skyline Stocks rise on Case departure Lieberman's presidential announcement today New arrests may be linked to UK ricin scare (MORE)
![[SI.com]](http://i.cnn.net/cnn/images/main/si.logo.gif){kind=logo} SPORTSJordan says farewell for the third time Shaq could miss playoff game for child's birth Ex-USOC official says athletes bent drug rules (MORE)
 All Scoreboards
| |
||||||||||||||||||||||||||
|  |
Ramen Linux worm seen in wild
(IDG) -- A Linux-based Internet worm known as Ramen -- named after the popular noodle soup -- has been seen in the wild, affecting systems that run Red Hat's 6.2 or 7.0 versions of the open-source OS, several Web security observers report. The worm has struck a server at the U.S. National Aeronautics and Space Administration (NASA) Jet Propulsion Lab in California, a University of Texas A&M server, and one operated in Taiwan by server vendor Supermicro Computer, according to Attrition.org, a site that chronicles Web site defacements. The worm has been known of since about September 2000 when Red Hat developed a patch addressing it.
The worm only affects servers running Red Hat's Linux and not any of Microsoft's operating systems, computer security company Symantec said. The worm apparently hits sites that run Red Hat Linux and then spreads itself by locating like servers running the same OS. Three known security breaches are struck by the Ramen worm, according to Kaspersky Lab International, an international data-security software development company in Cambridge, United Kingdom, in a statement. The breaches allow Ramen to take over root access rights, and unbeknownst to the user, execute its code on target file systems. The Computer Emergency Response Team (CERT) Coordination Center at Carnegie Mellon University, in Pittsburgh, which put out an advisory about the Ramen worm on Jan. 18, warns that the worm could damage or alter Web-related files and system files. It also might create denial-of-service (DoS) conditions when altered or when destroyed files are not available. Ramen worm victims are at high risk for "being party to attacks on other Internet sites," according to CERT's advisory. If the worm does hit a system, it modifies the index.html file and defaces the Web site. It ultimately replaces the index.html file with the words "RameN Crew" and "Hackers looooooooooooooooove noodles." Then a message appears that says "This site powered by" and a picture of a Top Ramen noodles package is displayed, according to Symantec. Durham, N.C.-based Red Hat has received some calls recently, directed to its tech-support crew to assist with working through problems from the worm, said Melissa London, a spokeswoman for the company. But there have not been a lot of tech-support requests, she said. If users were on top of the patch notification, they should not be having problems, she said. RELATED STORIES: 'Ramen' worm hits some Red Hat Linux servers RELATED IDG.net STORIES: Melissa comes to the Mac RELATED SITES: CERT Coordination Center | |||||||||||||||||||||||||||
|
| |||||||||||||||||||||||||||||
| Back to the top |
© 2003 Cable News Network LP, LLLP.
A Time Warner Company. All Rights Reserved. Terms under which this service is provided to you. Read our privacy guidelines. Contact us. |
![[CNN Money]](http://i.cnn.net/cnn/images/main/fn.logo.newsnet.gif){kind=logo}
(
