Solaris/IIS worm hits 9000 boxes in 48 hours

Quite. However, since this is NANOG you missed the most interesting parts:

"Attrition has posted the IPs of all the boxes known to have been hit..."

"What's ironic here is that the worm exploits two separate holes which were reported and patched ages ago. Call it proof-of-concept that sysadmins spend an awful lot of time on activities other than absorbing security bulletins."