RE: Code Red, anyone?

[Jürgen Nieveler <Juergen.Nieveler () encrease de>]

> Remember, it took several days last time before it got big. 
> This time there 
> are less systems for it to infect, but it has a bigger base 
> number from which 
> to spread. Without hard numbers, it's impossible to come up 
> with even a guess 
> at what the spread rate will be. 

But if the number of hosts at the start is higher, the speed of infections
will be higher, as there are more simultaneous attempts to find targets.

And if the total number of vulnerable hosts is lower, this means that it
will get harder for the worm to find new hosts - unless it's able to
reinfect hosts that already are infected, which of course would probably
crash those hosts after a few cycles.

All in all, I think that this would mean that the epidemic will burn out
even faster than last time...

-- 
Mit freundlichen Grüßen / Yours sincerely

Juergen Nieveler
Encrease AG
Team eCommerce
Tel.: +49/241/16008-327
Fax:  +49/241/16008-354
Email: juergen.nieveler () encrease de
Web: www.encrease.de
PGP: 
2AAB A988 0B80 D53F FC53  3BED 8CC0 2092 922D 8378 (DH)
5ADF A15E 91E4 98DB  2391 0D29 8B08 A884 (RSA)
Disclaimer: Views are mine, not my employers´ 


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com