Sameh Ghane wrote:
Sorry, but this worm caused more damages to mailing lists than anything else, on the Internet. Looks more like a chain-letter...
Dunno why you would think this was other than operational. As a small provider serving almost entirely dial-up, we still have enough of this to swamp almost entirely all of our outbound links. And as soon as we kill them, they pop up on another IP. The support costs are going to hurt, bad. Inbound isn't too bad, I guess CEF and WFQ works to protect individual machines from overload at T1 rates. We won't have much of an attack problem on our own machines, as we are a Macintosh/Linux/OpenBSD shop. We have only 2 Windows machines to train tech support.... Meanwhile, the SirCam worm is eating disk space, and we have folks calling because it takes too long to download their mail, or the POP session fails entirely (another M$ problem with large messages). The support costs are hurting on this, too. It seems to me that somebody needs to write a version of Code Red that wipes all .exe and .dll in the windows directory, forcing an update of both windows and office. Anybody game? -- William Allen Simpson Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32