Fighting network worms in a large corporate environment presented at Virus Bulletin 2002

by Joe Waddington (Nortel networks),


Summary : "
In 2001, Code Red 2 and Nimda drove home the risks network worms can
pose to large corporate networks.

Nortel Networks experienced the leading edge of both malicious waves,
and during the peak of Nimda, was seeing multiple computers a minute
becoming infected! Although these worms brought with them their
respective payloads, in many ways the available countermeasures were
far more painful than the worms themselves.

Having seen the speed at which worms can enter a corporate network and
the disruptions they can cause, Nortel Networks has developed reaction
processes that both effectively deal with the threat and keep ahead of
its spread. Nortel Networks' corporate anti-worm infrastructure
quickly detects worm-like activity, identifies infected machines, and
isolates them from the network.