From: "Tony Kapela"
Maybe the underlying theme is that, for whatever reasons (market preassures, business idiocy?), we find ourselves on a network that's largely a collection of monoculture hosts -- win32 on x86.
It's been awhile, but both sendmail and cisco routers themselves have had their worms that pointed out this very same issue. Apache had it's worm, although craftily only targeted red had/variants despite others being vulnerable. win32 wasn't even around during the original worms that treatened entire networks. I'm not a win32 fan (ignore the fact that I'm sending this from my win32 gaming system), but it has never been a matter of a specific OS, hardware platform, or software package. It is a matter of awareness. Many people were caught off guard by this attack as their networks weren't designed to guard against and still be managable from inside threats. They won't be caught unprepared twice. Vendors are slowly learning what to test for and protect against. Consumers are starting to realize (a little bit) that they have an impact on the 'net. But seriously, what's the virus policy of many Providers? Are infected accounts cancelled until fixed? Does I provider think about their contribution to the network as a whole or just the big buck? Jack Bates BrightNet Oklahoma