Blaster clarification...
In posting my opinions on the blaster worm, and on what might be done to prevent future occurrences, I seem to have opened myself up to some blasting of my own:
Ok, there's been a few people who don't know better talking about how everyone should have been patched for MSBlaster already, and that all admins who haven't patched are morons.
This is a pretty easy statement to make when you are responsible for 1-10 machines, and patching pretty much means hitting windows update.
However, life isn't that simple for everyone. In addition to my developer hat, I also have the (mis?)-fortune of being the IT manager for my company's site of ~200 nodes, with about a dozen production servers and a similar number of dev & qa servers. We are part of a bigger, global enterprise network consisting of about 60,000 nodes.
Now, first, I'd like to point out that nowhere in my original post did I once assert that “all admins who haven't patched are morons”. Nor did I even suggest that keeping large networks up-to-date on patches is easy. But if it were easy, companies wouldn't need IT staffs, now would they? So I recognize it's not easy...but it is necessary.
Also, it would appear that those who took umbrage at my original post either missed or ignored the main point of the post, which was not about bashing sysadmins, but rather that we all (those of us who are computer savvy, know how to use a firewall, install patches, etc.) have a responsibility to help our friends, families, and co-workers understand and use good security practices. So my point wasn't to beat up on sysadmins, to lay blame, or to create some “us vs. them” thing between developers and sysadmins. It was to say that the problems we're having (collectively) with the blaster worm represent a failure on all our parts on some level. It's that which we should be thinking about before the next worm comes along.