In an effort to help stop the spread of the self-propagating malicious codes known as the Code Red worm and the newly discovered Code Red II, Mercury Interactive (Nasdaq: MERQ) is offering to scan any organisation`s Internet infrastructure free of charge to determine its vulnerability to infection by the worms.
Through the use of ActiveTest SecureCheck, the company`s hosted security testing service, Mercury Interactive, the globally leading provider of enterprise testing and application performance management solutions, can complete a thorough infrastructure scan that will check to ensure that each and every machine in an organisation has been protected from infection.
This is according to Graeme Allcock, sales director at Mercury Interactive`s South African office.
"Despite the slowdown in the spread of the Code Red Worm in recent days, an alert jointly issued by six of the United State`s leading Internet security watchdog organisations, including the National Infrastructure Protection Centre (NIPC), warns that the worm poses a continued and serious threat to Internet users personal and corporate computing systems," Allcock explains.
According to Allcock, the alert states strongly, "immediate action is required to combat this threat".
"Apparently, in a new report just issued, experts at the SANS Institute for computer security warned of a new worm dubbed Code Red II that takes advantage of the same vulnerability as the widely publicised Code Red worm," he explains further.
"This new worm employs a more malicious `back door` method, which, if successful, will allow any attacker access to the infected Web server at a later date. Diligent prevention is the key to fighting attacks using the Internet like the Code Red and Code Red II worms," he says.
"If an organisation misses even one machine in their infrastructure, they leave the door open to infection-or to potential infiltration. ActiveTest SecureCheck can very quickly determine if a system is vulnerable," he emphasises.
"Organisations interested in scheduling or receiving more information about the free vulnerability scan can contact Mercury Interactive in Johannesburg, South Africa at (011) 802-1011, or by visiting http://atsecurecheck.mercuryinteractive.com/codered. The free vulnerability scans will be available through the end of September to organisations worldwide," Allcock concludes.
Share
ActiveTest Secure Check was announced in June and gained immediate industry recognition as the first offering of its kind. The hosted security testing service combines the powerful load generation capabilities of Mercury Interactive`s hosted load testing service, ActiveTest, with security scanning technology from Qualys, Inc.
ActiveTest SecureCheck measures the impact of a heavy user load on firewalls, Web security systems, Intrusion Detection Systems (IDS) and critical business components providing customers with a real-life view of their Internet infrastructures vulnerabilities. With the inclusion of Hailstorm, a product from ClickToSecure, Inc, ActiveTest SecureCheck adds to its potent repertoire the ability to simulate Denial of Service (DoS) attacks including buffer overflows, SQL, and DoS attacks targeting specific applications and infrastructure components, to assess the vulnerability of infrastructure and application components.
the Code Red threat that continues, and Code Red II which opens the door to hackers
According to recent reports, the "Code Red" Worm spends the first 19 days of each month seeking unprotected machines to infect with its code. Each infected machine in turn searches for more machines to infect. During this "propagation" stage, the worm "can cause sporadic but widespread outages among all types of systems," according to the CERT Coordination Centre (CERT).
From the 20th to the 27th of each month, the Code Red worm shifts its focus and all infected machines launch distributed denial of service (DDoS) attacks on targeted servers, such as those recently reported by the White House and the Pentagon. On the 27th of each month, the worm becomes dormant until its next round of propagation begins.
Security experts at SANS Institute have estimated that the worm has infected about 300 000 machines in its most recent propagation phase, which began on 1 August 2001. While experts are "cautiously optimistic" that the worm`s growth is under control, they warn that the threat of infection is still very real and are urging Internet users to take precautions against infection.
The new Code Red II threat can be more serious. While its method of propagation is similar to Code Red, early indications are that Code Red II spreads more voraciously-up to three times faster than its predecessor. It is estimated that the worm has infected hundreds of thousands of computers since its discovery this weekend. Since the worm leaves a "back door" in the Web servers it infects, the systems are left wide open to security breaches long after the worm itself becomes inactive.
Mercury Interactive
Founded in 1989, Mercury Interactive is the leading provider of enterprise testing and performance management solutions. The company`s automated software and managed services help companies deliver and maintain high-performance applications. Customers worldwide use Mercury Interactive solutions across their application and technology infrastructures to minimize hardware and operational expenses, protect revenue streams and enhance their competitive positions.
Mercury Interactive is headquartered in Sunnyvale, California with offices in more than 20 countries worldwide, including in SA in Johannesburg and Cape Town. Further information is available at www.mercuryinteractive.com or via the listed below. The company`s common stock trades on the Nasdaq National Market under the symbol MERQ.
Editorial contacts