I’d welcome other perspectives here, but it seems to me that the overall infectious environment has jumped up like crazy in the last couple of weeks. This is more or less in line with the closure of McColo Corp – as the traffic from them receded, so the trojans have taken up the slack. Looking at the variety of firewall logs I can get my hands on, it seems that there’s a massive collateral DoS effect that develops, as a relatively benign infector opens the door a crack – and the IP address that hosts it is beaten to death by traffic that’s not allowed to reach the infected host, by the firewall.

I suspect these are not necessarily new viruses, either, and that the DoS effect is unintentional. These script kiddies just want their copy of “Quantum of Solace” and don’t actually intend you any active harm: but, in a couple of cases now just over the last 10 days, I’ve been obliged to start rotating the firewall’s static external IP address to stay ahead of the inbound stuff, to give enough breathing space to work out where and what to disinfect. Most irritating, and a very good way of finding out that you need a smarter firewall or a more attentive ISP. So long as you don’t have work to do, that is!