why the nimda upsurge again?

[Jose Nazario <jose () biocserver BIOC cwru edu>]

in the past week or two i have noticed a strong upsurge in nimda probes
and requests, and i know i'm not alone in this. while the bulk of the
requests are local (given the mechanism it uses for addressing), several
are from outside our network. there is no similar rise appearant in code
red v1 or v2.

what is the reason for this upsurge again? has anyone been able to figure
it out? since nimda appeared XP has been released .. is XP offering a new
hole to infect and spread from (just a hypothesis)?

thanks ...

____________________________
jose nazario                                                 jose () cwru edu
                     PGP: 89 B0 81 DA 5B FD 7E 00  99 C3 B2 CD 48 A0 07 80
                                       PGP key ID 0xFD37F4E5 (pgp.mit.edu)


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com