I thought we were done with Nimda. It’s definately increasing in the number of attacking hosts. Time to rethink my DENY scripts and be more proactive in reporting attacking hosts upstream.
Perhaps more people are pirating Windows now, because they don’t want to use XP.
640 separate hosts blocked in three subnets, one of them almost entirely blocked.