I don't understand why Symantec classifies a "remote root" exploit as only "medium
" damage. Code Red [?]
is hitting cable modem networks especially hard, as the new variants scan "nearby" IP's in preference to random ones, which has apparently caused enough damage and network congestion that AT&T's residential broadband division (MediaOne) has cut off port 80 across their network to try and halt the spread of the worm, or so several submitters reported. Newsforge
has a story about various reactions to the worm, and reader nettdata sent in an interesting story about the worm becoming the main course
at a dinner of security specialists.