> By the same reasoning that vulnerable systems are the result of "lazy"
> admins, we can expect a majority of them to be NT4 (why upgrade
> if you don't
> have to?), so this should clean 'em out.
>

That would only apply to sys admins that are lazy by nature.  Some companies
won't *EVEN* upgrade to Windows 2000 due to financial issues, as well as the
time it usually takes to completely convert the network to run Windows 2000
Server, Advanced Server or Datacenter Server.  Coming from someone who has
worked on both sides of the NT4/2000 server spectrum, This is not an easy
task.

SOme companies I've talked to seem to be more wary of Win2K than they are of
any other OS, including Novell.  Seems that there were more issues with
Win2K Server than there were with NT4, but don't take my word for it.. I
royally hate Win2K Server (haven't tested Adv. Server yet) for various
reasons.  But.. my humble opinion is...

Anyone using a Windows system as a internet server is, IMHO, out of their
mind.  IIS is the most INSECURE webserver i've ever seen in my life.  Sure,
you can run Apache on a Windows server, but you lose some of the flexibility
from the linux/unix binaries, or at least that's been my experience.

This CODE RED virus (both strains) is a b*tch to deal with.. my own system
(Windows 2000 Professional) has been hit by it several times, but it can't
infect my system cause I don't even have IIS installed anywhere on the
network at home, and I'm on a dial up. <G>

Just my humble opinion, and YMMV.

Joseph N. Brouhard
CompTIA A+ Certified Professional
joe@armadaproject.net