But then again, sometimes a Dale Earnhart does die, and sometimes part of the Internet does crash. Whether you're a NASCAR pit crew chief or a network administrator, your job is to make sure those failures are few and far between. Ironically, it can be a thankless job. For example, when Code Red didn't cause the Internet to come to a crushing halt, some people said that's because Code Red was a puffed-up scare story. Idiots.

The simple truth is that Code Red and its descendents haven't caused widespread havoc, because most network administrators did their jobs. They made sure their copies of Internet Information Server (IIS) were patched so that Code Red never stood a chance in their shops. Even so, Code Red's damage is estimated to run on the order of 2 billion dollars--a financial disaster, if there ever was one. It will be far more by the time it's done. Major sites, like Hotmail and Federal Express, have been hammered. How much does of a disaster does it take before some people buy a clue?

To be fair, some of the Code Red blame goes to people running server-style systems at home and not having a clue about how to administer them. But it boils down to the same problem--network admins, or people who are de facto net administrators not updating their systems.

What I find most annoying, however, are the people who say there was no real problem. If losing 2 billion bucks of productivity isn't a problem, what is? Code Red never should have amounted to even a 2 million dollar problem. The worm and its family could've been stopped in their tracks if all network administrators had updated their servers with the most current patches.

It would be easy to blame Microsoft for Code Red's damage, because IIS's appalling lack of security let Code Red flourish in the first place. And frankly, Microsoft deserves some of the blame. I could (and have)--gone on at length about how Microsoft software has fundamental security flaws. But this time around, I think a few bad network administrators deserve the lion's share of the guilt. And, yes, Microsoft, with its HotMail foul-up, has to share some of the blame, too.

By early August, how could the administrators at Hotmail and Federal Express not have known that they needed to update their servers? It's one thing for Joe Clueless in accounting to open an ILOVEYOU Outlook e-mail attachment-a week after ILOVEYOU ran around the world-but it's another for a network administrator to make such a stupid mistake.

Where the Patches Are

No excuses. If you run a server operating system from one of these companies, check their update/patching sites at least once a month.

Patches sites - Caldera (Includes Linux, OpenServer, UnixWare and Open Unix) -