if you have a firewall, use it. my firewall has goten an unbeleivable amount of pings and using ip-tracker, they are from around the world. even if you have sql server 2000 patched, you will still continue to receive ping-attacks from as many sources to as many ports. Once the worm gets control on the target computer it loads WS2_32.DLL and starts to continually send itself to port 1434/udp of a randomly selected IP targets in an infinite loop. The IP of a victim is constructed using 'GetTickCount' API and is purely random. This propagation strategy consumes a lot of network bandwith because the vast majority of requests go to the Internet. The worm exists only in memory and does not modify any local files.