A Linux worm that started spreading a week ago has reached a plateau after infecting about 7,000 servers and turning the hosts into a peer-to-peer network that could be used to attack other computers.
Known as Linux.Slapper.Worm, Slapper and Apache/mod_ssl, the worm"s spread has fallen far short of the biggest attackers in recent times. For example, Code Red infected 400,000 servers last summer. And according to the National Strategy to Secure Cyberspace, the Nimda virus compromised 86,000 systems last fall. Perhaps most telling, security experts are already talking about Slapper in the past tense.
The worm exploited a flaw in the open-source security component used with many Linux-based Apache Web servers. Known as the secure sockets layer (SSL), the component is commonly used by e-commerce sites to secure transactions between the customer"s computer and the company"s server.
Slapper attacks Apache SSL servers running on Red Hat, SuSE, Mandrake, Slackware and Debian Linux.