Really... [link|http://www.microsoft.com/security/antivirus/nachi.asp|http://www.microsoft...tivirus/nachi.asp]
I found it on one of my 2k servers last week (behind three firewalls - border router and sidewinder - running MacAffee Personal Firewall) Must have been when the fscker was booting up the very first time behind the NAT... Note to Win Admins... The frigging 10 seconds before MacAffee Firewall loads is more than enough time to be hacked. Pull the plug on your servers after reboot until desired time (or disable the nic).
Speaking of W2K administration - I'm getting sick of patching W2K machines. It's a full time job. Just reading the security bulletins on a semi-weekly basis is tiresome. The server that got nachi has only 25 out, 80 and 443 open. All services (cept iis and SQL) have been turned off... How do you protect against this shit?
Think about it. The "cracker/hacker/whatever" that wrote nachi was trying to help us out... Just bitching. Never mind.