Many people may be running web servers off their computers, but not realise the security dangers of worms like Code Red.
Round Two of the Code Red worm has seen around 150,000 servers infected which might at first indicate a large number of systems administrators who haven't patched security holes. But Gordon Munro, business development manager at Auckland-based security firm SecurIT says the problem is more at a grassroots level than it seems.
"There are plenty of people running web servers off their PCs or laptops that don't even know about the security problems."
Munro says he himself runs a web server from his laptop simply to allow him to gain access to some of the work SecurIT does - that doesn't mean he runs a web server in the traditional manner of having a rack-mounted server with a team of IT support staff to help out.
This seems to gel with the views of Nick FitzGerald, director of Christchurch-based Computer Virus Consulting. He believes a large part of the problem with regards to Code Red is that small to medium-sized business and businesses run from home are now operating websites and they may not have the technical expertise to cope with something like Code Red.
"A significant percentage of the infected servers in the US were running on one telco's DSL network - that says to me they're very small and probably not running an IT department."
Munro says there is help at hand however - a simple application that is free to download to help manage security patch upgrades. It is available from PC World's website.
"It's called BigFix and it's perhaps the best utility I've got running on my laptop at the moment."
BigFix is free to download and "checks your computer for bugs, configuration conflicts, and security holes" according to the utility's sales pitch. The utility checks your system profile against various sites and alerts you to any new security patches you may need.
"It's not so hot with Microsoft Office updates but it's great at security patches and things like that," says Munro.