Database Journal
MS SQL Oracle DB2 Access MySQL PostgreSQL Sybase PHP SQL Etc SQL Scripts & Samples Links Database Forum

» Database Journal Home
» Database Articles
» Database Tutorials
MS SQL
Oracle
DB2
MS Access
MySQL
» RESOURCES
Database Tools
SQL Scripts & Samples
Links
» Database Forum
» Sitemap
Free Newsletters:
DatabaseDaily  
News Via RSS Feed


follow us on Twitter
Database Journal |DBA Support |SQLCourse |SQLCourse2
 

Featured Database Articles

Database News

Posted Jan 27, 2003

Slammer time - SQL worm brings net to its knees over weekend

By DatabaseJournal.com Staff

[From silicon.com]

A worm that attacks Microsoft's database software spread through the internet over the weekend, causing cash machines to stop issuing money, taking most of South Korea offline, and generally slowing down the internet.

The worm, known as SQL Slammer, takes advantage of a bug that was discovered last July in Microsoft's SQL Server database software. Although a patch has been available since then, many system administrators have failed to install the patch, leaving their computers vulnerable.

The result: chaos.

Anti-virus firm F-Secure said the effects were so marked because the worm generates massive amounts of network packets, overloading servers and routers and slowing down network traffic.

SQL Slammer's code instructs the Microsoft SQL Server to go into an endless loop, continually sending out data to other computers, in effect performing a denial of service attack, F-Secure said, comparing the slowdown to the impact of the Code Red virus, which brought internet traffic to a halt in the summer of 2001.

The first reported attacks of SQLSlammer were recorded around 05:30 GMT on Saturday morning, and it has been subsequently reported in many countries across the globe, said anti-virus firm Messagelabs. Unlike mass-mailing worms, SQL Slammer does not write files to a computer's hard disk but resides in memory. While this makes it easy to remove - a computer simply has to be rebooted - it also makes it difficult for anti-virus software to detect it, said Messagelabs. And as soon as a rebooted computer is reconnected to the internet, it will be vulnerable to reinfection unless it has first been patched.

The article continues at http://www.silicon.com/public/door?REQUNIQ=1043674601&6004REQEVENT=&REQINT1=57184&REQSTR1=newsnow



Database News Archives

Comment and Contribute

 


(Maximum characters: 1200). You have characters left.

 

 




Latest Forum Threads
Database News Forum
Topic By Replies Updated
Efficient SQL Server Indexing by Design lcole 0 April 30th, 12:38 PM
Mine Oracle Database, SQL Server and Other Databases with Monarch Data Pump Pro V10.5 lcole 0 April 30th, 12:37 PM
Oracle Database and Oracle Fusion Middleware for Private Social Network Application lcole 0 April 30th, 12:31 PM
Oracle Database Maintains a Stronghold in the DBMS Market lcole 0 April 30th, 12:30 PM


















Thanks for your registration, follow us on our social networks to keep up-to-date