Last Thursday we contracted the supposedly benign Welchia worm. It is still lurking about and occasionally flooding our network with ICMP packets. Although we used the WelchFix.exe from Symantec, our systems are not yet patched enough to prevent another infection. Rather than go around to each computer and installing all the updates from WindowsUpdate, I have installed SUS (Security Udate Service) on one of our servers and will push out the client with Group Policy. We have a firewall in place that protects us from attacks from the outside, but we are not quite up-to-date internally. This means that those who use laptops at home and dial into the Internet can contract a worm, and then plug into our network and reak havoc. I am still not exactly sure whose ‘taxi’ Welchia came in on, but I am working on a way to prohibit new computers from automaticly connecting on our network. This is difficult to do while using DHCP, but I am still doing research.