SUSE Linux Firewall on CD Intercepts Nimda Worm!

October 2, 2001

Computer virus "Nimda" currently causes Internet users worldwide to experience material damages amounting to billions of dollars. With the security solution, SUSE Linux Firewall on CD, companies can effectively protect their networks against intrusion of the Nimda worm.

Oakland, CA

"Linux and Open Source development," explained Johannes Nussbickel, CEO of SUSE Linux AG. "Since the entire Internet and e-mail infrastructure of SUSE Linux runs on our own Linux, SUSE has not become the victim of a virus assault."

The Nimda virus infects Internet pages hosted on Microsoft's Internet Information Server (IIS) and imperceptibly inserts contaminated JavaScript code. For this purpose, Nimda exploits several security leaks of IIS. As soon as a user hits the affected page, the file is automatically transmitted to user's computer. Once it reaches the user's hard disk, the programs open the directories of a Windows PC to external access. Consequently, unauthorized intruders can access, read, and delete files on the Windows PC. Though most anti-virus programs "clean" infected applications and remove them from the hard disk, the security breaches opened by Nimda remain intact.

"SUSE Linux Firewall has intercepted the Nimda worm and has protected our customers' networks against the intrusion of Nimda," explained Johannes Nussbickel. "Therefore, our customers automatically saved money and valuable time."

With SUSE Linux Firewall on CD, companies can easily protect their networks against intrusion of the Nimda worm from infected Internet pages. The proxy server Squid, which is included in the Firewall package, loads all accessed Internet pages and keeps them on stand-by for users. Squid can quickly be configured to filter and block all potentially hazardous file formats. Thus, when surfing to contaminated web pages, the worm is prevented from being transmitted to the user's own IT environment.

US media reports estimate that Nimda has affected approximately 2.2 million web servers. According to US Attorney General John Ashcroft, the material damage caused during the past few days amounts to US$ 2.6 billion in the United States alone. For this reason, the renowned market research and consulting company, Gartner, now recommends all companies to employ alternatives to the affected Microsoft Internet Information Server (IIS). Gartner states that the high cost level caused by the utilization of IIS, resulting from weekly security leaks needs to be eliminated. Gartner comments that other web servers also need to be maintained, but their overall security risk is much lower.

One of the alternatives Gartner suggests is the Open Source program "Apache", which is also an integral component of various SUSE enterprise solutions. Netcraft Survey ( reports that today more than 60 percent of all Internet servers are already operated with Apache.

About Novell
Novell, Inc. is a leading provider of information solutions that deliver secure identity management (Novell® Nsure™), Web application development (Novell exteNd™) and cross-platform networking services (Novell Nterprise™), all supported by strategic consulting and professional services (Novell NgageSM). Active in the open source community with its Ximian and SUSE Linux brands, Novell is firmly committed to open source and offers comprehensive Linux products and services for the enterprise, from the desktop to the server. Novell's vision of one Net - a world without information boundaries - helps customers realize the value of their information securely and economically. For more information, call Novell's Customer Response Center at (888) 321-4CRC (4272) or visit Press should visit

Novell is a registered trademarks; Nsure, exteNd and Nteprise are trademarks; and Ngage is a service mark of Novell, Inc. in the United States and other countries. SUSE is a registered trademark of SUSE Linux AG. * All third-party trademarks are the property of their respective owners.