I've seen various references to this worm firing off and saturating networks worldwide within 1 minute... if *that* isn't scary, I don't know what is. It shows that someone, with the right tools and enough vulnerable servers can take out a good portion of the Internet in seconds. And how can we predict *every* possible issue and block it?
The good news with this worm was that the ports it used had low real utility for inter-provider traffic. Compare and contrast to Code Red, where "block TCP port 80" isn't such a great way to slow down the worm if you have any customers who like to use "the web" A combination of the speed at which this spread and a port nobody wants to block will undoubtedly happen in the future, and be ugly, both. Matthew Kaufman matthew@eeph.com (home) mkaufman@dsl.net (work)