Code Red seems to be back.

[John Young]

The worm hit Cryptome at 8:43 AM EST and is now sucking
at a rate of about 90% of the load. As others have noted,
the bulk of the hits appear to be coming from our own
ISP, either by design or by spoofing the origin. Our server
is on Apache but the worm generates endless errors
attempting to find holes in IIS.

Pervasive DDoS attacks are reportedly underway at gov 
sites. We are not seeing an unusual number of that type.