SQL Slammer Worm Spread Worldwide in 10 Minutes

By Derek Sooman on February 6, 2003, 10:15 AM
It appears that the alarming rate with which the SQL Slammer Worm moved over the globe now [COLOR=royalblue]"[makes] it the fastest-spreading computer infection ever seen, researchers said on Tuesday."[/COLOR]

In order to clarify some earlier "facts" that I bounded around, it appears that the Worm "nearly cut off Web access in South Korea", and "doubled the number of computers it infected every 8.5 seconds in the first minute of its appearance." according to a source here.

Another article here claims that [COLOR=royalblue]"Security experts and government officials agree that the unprecedented disruption of services by the SQL Slammer worm last week exposed the inherent flaws in the Internet and the domino effect that a few unprotected servers can have on the rest of the network."[/color]

Evidently, some lessons must be learned from this, and some new policies put into place. The Internet was designed to withstand the effects of a Nuclear War, but may not be as invulnerable to the effects of malicious programming as we would like.

I am also sure that, like the case of the "Melissa" virus, the people responsible for this will be found, and no doubt sent to jail for a very long time.




User Comments: 4

Got something to say? Post a comment
---agissi--- said:
World Wide in 10 mins eh.....thats nothing short of [insane]. I wanna know who wrote it, must have been smart.
DaveSylvia said:
[quote][i]Originally posted by ---agissi--- [/i][b]...I wanna know who wrote it, must have been smart. [/b][/quote] [url]http://www.anandtech.com/news/webnews.html?newdate=2%2F
%2F2003&frontid=#18166[/url]David Litchfield of NGS Software who's code was probably used for the recent SQL Slammer bug maintains that though it crippled some systems, it reveals important security flaws in Micosoft's SQL software that needs to be addressed. [i]"In the light that someone has taken my code and put portions of it to nefarious purposes, I have to question the benefit of publishing sample code," he wrote. "A massive failure of the emergency services computers such as 911/999 could result in someone's death--and I don't want to feel that I've contributed to that." On Tuesday, however, Litchfield said he had decided that the publication of sample code is necessary to keep networks and computers secure, arguing that secrecy is really no protection. His comments will not be welcomed by some in the security and antivirus communities, who see proof-of-concept publication as giving virus writers a helping hand. [/i][url]http://zdnet.com.com/2100-1105-983602.html[/url]
Vehementi said:
Man, that really is insane! 10 minutes?! 8)[i]"doubled the number of computers it infected every 8.5 seconds in the first minute of its appearance."[/i]Wow.
Mictlantecuhtli said:
I wonder when this kind of things will teach people to change their M$ servers to more secure (and usually free) alternatives..
Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.