Firewall and new sasser worm

[Joel Hammer]

According to what I read, the Sasser worm scans port
445 tcp.  I run a firewall on my linux gateway box. It
blocks almost all ports, including 445.

So, my windows laptop sitting behind the firewall should
be safe, right?

Two questions:

1. Why would anybody allow port 445 to be exposed on
the internet?

2. What does the Sasser worm look like in a firewall
log? I can't find any hits in my log on ports 445 since
April 26th. In fact,  I have recorded no tcp hits in the
1:1023 range on my firewall in the last twelve hours.

     Could Comcast be filtering these things out? Seems
     doubtful, since I got a notice from Comcast telling
     its MS users to get the newest patch from MS
     yesterday. The Comcast advisory stated that Mac's
     weren't affected. It didn't mention linux, and I
     didn't reply to them that linux is OK because I don't
     want them to notice me. Comcast doesn't support linux.

Joel