I seem to recall that the Code Red worm attacks only servers running IIS (Internet Information Services) software. We're not running that here, i.e., we're not hosting a website on the premises. Wouldn't IIS be pretty much an ISP thing?



First off, the 2600's are prety nice cisco's... Cheap (for cisco, at least) and usable. They do have a firewall capability if you put the right IOS in place on it.

But... That IOS could also be your problem... around 11.0 of the cisco ios (i think.. may have been 12.0) they added the ability to configure it via a browser... ala, internal webserver. Now, Code Red doesn't infect anything besides IIS, but it sure as hell can bog the crap out of any machine running a web server.

My OpenBsd gateway at the house had it's log file grow by 50 megs in 5 hours thanks to all the morons who didn't patch.... Of course, they weren't getting though the firewall , and BSD could care less about NT's buffer overflows, but all of those requests sure pushed the load average up, and certainly used a shitload of bandwidth.

Cisco's with that interface configured would certainly be at risk. Not from the infection, but simply from overload... The 2600 doesn't have the fastest processor on the block, nor the most memory...