Heh.

I did something like that once when Nimda/Code Red (I forget which one) came a-knocking on my web server. One of the logged IP addresses responded to the IIS bug... oo, er! So I got it to display a message (using NET MSG, I think it was) saying that this machine was unpatched and violated with whichever worm it was that it had tried unsuccessfully to inflict on my Apache server. The machine was off the 'net within 24 hours - yah, I was curious and went looking. :-)

I'd like to think heads rolled, but I have no idea and no way of finding out.

Wade.

Welcome to IWETHEY!