"In a file that the Cheese worm leaves on infected servers and which was
subsequently posted to the Incidents list, the author wrote: 
 
  # removes rootshells running from /etc/inetd.conf 
  # after a l10n infection... (to stop pesky haqz0rs 
  # messing up your box even worse than it is already) 
  # This code was not written with malicious intent. 
  # Infact, it was written to try and do some good. "
 
 http://www.msnbc.com/news/574503.asp

Interesting story, although it is a little slanted on the MS side.  They
mention some worm that affects Linux and NT IIS, but only note what it does
to Linux.

Brian Kelsay

"If at first you don't succeed, skydiving is not for you."