The crashes of the file server today have been caused by a new computer virus that has rapidly spread across the Internet. It appears to be a Code Red variant, and like Code Red it attacks Microsoft Windows-NT based web servers and then when it infects a machine attempts to infect others. Our server isn't NT based, but we are getting so many hits from infected NT servers that it's running our machine, with 768MB of RAM, out of memory because it has to fork an apache process for each request. The requests are coming in at rates exceeded 60/second, where the normal traffic our webserver handles peaks at around 25/second. This was completely saturating our T1's outbound. I took off the long 404 page we normally return so that it would at least reduce the outgoing load and I've throttled the number of Apache processes to 256. This will make the web server response slower but at this point it's a choice between it being slow and dying instantly. In all the years I've been running an ISP, this is the first virus I've seen that was sufficiently virulent to completely saturate facilities or servers. The CERT website already had this listed on their current activity when I checked and I reported it to the FBI as well and they say they've also been swamped with calls.