Anti-virus firm F-Secure has placed one of their systems on the Slapper worm’s peer to peer network, enabling them to monitor the number of OpenSSL servers infected. The data they’ve colleced thus far indicates that it is spreading fairly rapidly: as of this morning, over 11249 systems were on the worm’s P2P network, compared to 5987 less than a day ago. While that’s nowhere near the rate Code Red or Nimda spread, it’s a good start, and a focused denial of service attack from the entire network of infected servers could be extremely effective. CERT has also released advisory CA-2002-27 with more information on Slapper and patching instructions.

(N-Stalker Security Force)