The CodeRed computer worm failed to slow Internet traffic last night as anticipated. However, security experts will continue to monitor the worm's trek through the Internet to gauge its impact.

The worm activated on July 31st at 8 pm (EST) as predicted and began to scan the Internet for vulnerable systems, according to the CERT Coordination Center, a security watch group.

However during its early progression, the worm failed to severely degrade Web performance, as the Federal government and industry groups had feared. The worm's potential is still unkown and security experts at CERT continue to analyze its activity, according to Marty Lindner, team leader of incident handling for CERT.

CERT received reports today that indicate the number of compromised systems is increasing, and there is a potential for a large number of machines to be affected. The number of machines currently affected is in the tens of thousands, according to CERT.

Still officials are hoping that heightened attention of the worm's potential threat by government and industry groups will help prevent the worm from propagating itself throughout the Internet, industry experts noted.

Earlier in the week Ronald Dick, director of the FBI's National Infrastructure Protection Center (NIPC) and other industry groups urged organizations to install a vital patch from Microsoft that would prevent vulnerable systems from being infected.

The CodeRed worm, which surfaced in mid July, exploits a flaw in Microsoft Information Internet Server (IIS) software -- versions 4.0 and 5.0 running on Windows NT 4.0 and Windows 2000 servers -- to turn infected systems into launching pads for denial-of service attacks on Web sites. The White House averted such an attack on July 19th by redirecting traffic to a different IP address.

Microsoft reported that one million users have downloaded the patch that fixes the hole in IIS software.

GGS Information Services, a York, Pa-based information management company installed the patch Tuesday evening after heeding the warnings. "I feel confident that we are protected as long as no [stronger CodeRed] variants come along," said John Evans, a network systems administrator at the company.

But viruses are getting more sophisticated, he noted. "We have to get smarter" to prevent them. Unlike viruses that require a user to open an e-mail attachment to be infected, the CodeRed worm can enter a system undetected through Web traffic.As a result, Evans is evaluating an antivirus appliance from McAfee that sits at the entry point into a network and scans incoming HTTP traffic for anomalies such as the CodeRed worm.