Free Vulnerability Scan Readies Corporate Infrastructures Against ‘Code Red’ And ‘Code Red II’ Worms

Mercury Interactive Provides ActiveTest SecureCheck to Help Organizations Safe Guard Against ‘Code Red’ and ‘Code Red II’ Infection

SUNNYVALE, Calif., Aug. 6 /PRNewswire/ — In an effort to help stop the spread of the self-propagating malicious codes known as the “Code Red” Worm and the newly discovered “Code Red II”, Mercury Interactive (Nasdaq: MERQ) is offering to scan any organization’s Internet infrastructure free of charge to determine its vulnerability to infection by the worms. Through the use of ActiveTest(TM) SecureCheck(TM), the company’s hosted security testing service, Mercury Interactive, the leading provider of enterprise testing and application performance management solutions, can complete a thorough infrastructure scan that will check to ensure that each and every machine in an organization has been protected from infection.

Despite the slowdown in the spread of the “Code Red” Worm in recent days, an alert jointly issued by six of the nation’s leading Internet security watchdog organizations, including the National Infrastructure Protection Center (NIPC), warns that the worm poses a continued and serious threat to Internet users personal and corporate computing systems. The alert states strongly, “immediate action is required to combat this threat.”

In a new report issued on Saturday, experts at the SANS Institute for computer security warned of a new worm dubbed “Code Red II” that takes advantage of the same vulnerability as the widely publicized “Code Red” Worm. This new worm employs a more malicious “back door” method, which, if successful, will allow any attacker access to the infected Web server at a later date.

“Diligent prevention is the key to fighting attacks using the Internet like the ‘Code Red’ and ‘Code Red II’ worms,” said Ken Klein, chief operating officer at Mercury Interactive. “If an organization misses even one machine in their infrastructure, they leave the door open to infection — or to potential infiltration. ActiveTest SecureCheck can very quickly determine if a system is vulnerable.”

Organizations interested in scheduling or receiving more information about the free vulnerability scan can contact Mercury Interactive at 800-TEST911 from within the US and +1-408-822-5200 internationally, or by visiting http://atsecurecheck.mercuryinteractive.com/codered. The free vulnerability scans will be available through the end of September to organizations worldwide.

ActiveTest SecureCheck was announced in June and gained immediate industry recognition as the first offering of its kind. The hosted security testing service combines the powerful load generation capabilities of Mercury Interactive’s hosted load testing service, ActiveTest, with security scanning technology from Qualys, Inc. ActiveTest SecureCheck measures the impact of a heavy user load on firewalls, Web security systems, Intrusion Detection Systems (IDS) and critical business components providing customers with a real-life view of their Internet infrastructures vulnerabilities. With the inclusion of Hailstorm(TM), a product from ClickToSecure, Inc., ActiveTest SecureCheck adds to its potent repertoire the ability to simulate Denial of Service (DoS) attacks including buffer overflows, SQL, and DoS attacks targeting specific applications and infrastructure components, to assess the vulnerability of infrastructure and application components.

“Code Red” Threat Continues; “Code Red II” Opens the Door to Potential Hackers According to recent reports, the “Code Red” Worm spends the first 19 days of each month seeking unprotected machines to infect with its code. Each infected machine in turn searches for more machines to infect. During this “propagation” stage, the worm “can cause sporadic but widespread outages among all types of systems,” according to the CERT Coordination Center (CERT). From the 20th to the 27th of each month, the “Code Red” Worm shifts its focus and all infected machines launch distributed denial of service (DDoS) attacks on targeted servers, such as those recently reported by the White House and the Pentagon. On the 27th of each month, the worm becomes dormant until its next round of propagation begins.

Security experts at SANS Institute have estimated that the worm has infected about 300,000 machines in its most recent propagation phase, which began on August 1st. While experts are “cautiously optimistic” that the worm’s growth is under control, they warn that the threat of infection is still very real and are urging Internet users to take precautions against infection. The new “Code Red II” threat can be more serious. While its method of propagation is similar to “Code Red”, early indications are that “Code Red II” spreads more voraciously-up to three times faster than its predecessor. It is estimated that the worm has infected hundreds of thousands of computers since its discovery this weekend. Since the worm leaves a “back door” in the Web servers it infects, the systems are left wide open to security breaches long after the worm itself becomes inactive.

About Mercury Interactive Corporation

Founded in 1989, Mercury Interactive is the leading provider of enterprise testing and performance management solutions. The company’s automated software and managed services help companies deliver and maintain high-performance applications. Customers worldwide use Mercury Interactive solutions across their application and technology infrastructures to minimize hardware and operational expenses, protect revenue streams and enhance their competitive positions.

Mercury Interactive is headquartered in Sunnyvale, California with offices in more than 20 countries. Further information is available at http://www.mercuryinteractive.com or by phone at U.S. +1-408-822-5200. The company’s common stock trades on the Nasdaq National Market under the symbol MERQ.

NOTE: ActiveTest and ActiveTest SecureCheck are trademarks of Mercury Interactive Corporation, Sunnyvale, California. Other product and company names are used herein for identification purposes only, and may be trademarks of their respective companies.




Share this