"The sites that seem to be most susceptible to Code Red
are small Web hosting providers and advanced home users with
dedicated Internet access," said Brandon Pepelea, president of
Network Security Automation Control Corp. of Santa Monica, Calif.
He noted that even now, "some large corporations haven't eradicated
Code Red from their arsenal of servers." For example, last week,
Microsoft's Hotmail service and the Associated Press's computers
both came down with Code Red.
The worm dates back to early July. On July 19, CERT reported
that Code Red had spread to more than 250,000 systems -- in nine
hours. While, like a wild fire, Code Red has already burned most of
the systems that are vulnerable to it, it's still catching fire in
unprotected systems. Richard R. Morgan, a systems engineer at a
telecommunications company in Haymarket and webmaster for the
Northern Virginia Linux Users Group, saw 106 unsuccessful attempts
to infect his home Linux systems on Aug. 5, and he still sees more
than a dozen assaults a day.
Morgan's computer, with its non-Microsoft operating system,
can't be infected by the worm. But he's still feeling the effects
of it, and so are many other home users."