Esato Mobile
General discussions : Non mobile discussion : SQL worm !!!!!
Index Menu
Sign in
> New Topic
> Reply
< Esato Forum Index > General discussions > Non mobile discussion > SQL worm !!!!! Bookmark topic
Jim Posts: > 500

Last night (friday) a SQL server worm broke out and its coming in on SQL port 1434 then flooding it and bringing the server to its knees and won't respond to other services.

Shut it off and patch NOW. It seems to have impact in whole Internet performance.

This affects every server, not just due to the SQL worm, but due to it killing major ISP backbones causing sites to go down.

All .NET passports with '@msn.com' ending are down, too. '@hotmail.com' works temporary ----> Microsoft has fixed this with a temp server

So if you have a server with SQL, shut it down and patch it oh and don't worry if internet is slow it's the worm


CNN.com

WASHINGTON (AP) -- Traffic on the many parts of the Internet slowed dramatically for hours early Saturday, the apparent effects of a fast-spreading, virus-like infection that overwhelmed the world's digital pipelines and interfered with Web browsing and delivery of e-mail.

Sites monitoring the health of the Internet reported significant slowdowns globally. Experts said the electronic attack bore remarkable similarities to the "Code Red" virus during the summer of 2001 which also ground traffic to a halt on much of the Internet.

"It's not debilitating," said Howard Schmidt, President Bush's No. 2 cyber-security adviser. "Everybody seems to be getting it under control." Schmidt said the FBI's National Infrastructure Protection Center and private experts at the CERT Coordination Center were monitoring the attacks.

The virus-like attack, which began about 12:30 a.m. EST, sought out vulnerable computers on the Internet to infect using a known flaw in popular database software from Microsoft Corp., called "SQL Server 2000." But the attacking software code was scanning for victim computers so randomly and so aggressively -- sending out thousands of probes each second -- that it overwhelmed many Internet data pipelines.

"This is like Code Red all over again," said Marc Maiffret, an executive with eEye Digital Security, whose engineers were among the earliest to study samples of the attack software. "The sheer number of attacks is eating up so much bandwidth that normal operations can't take place."

"The impact of this worm was huge," agreed Ben Koshy of W3 International Media Ltd., which operates thousands of Web sites from its computers in Vancouver. "It's a very significant attack."

Koshy added that, about six hours after the attack, commercial Web sites that had been overwhelmed were starting to come back online as engineers began effectively blocking the malicious data traffic.

"People are recovering from it," Koshy said.

Symantec Corp., an antivirus vendor, estimated that at least 22,000 systems were affected worldwide.

"Traffic itself seems to have leveled off a little bit, so likely only so many systems are exposed out there," said Oliver Friedrichs, senior manager with Symantec Security Response. The attacking software, technically known as a worm, was overwhelming Internet traffic-directing devices known as routers.

"The Internet is still usable, but we're definitely receiving reports from some of our customers who have had it affect their routers specifically," Friedrichs said.

The attack sought to take advantage of a software flaw discovered by researchers in July 2002 that permits hackers to seize control of corporate database servers. Microsoft deemed the problem "critical" and offered a free repairing patch, but it was impossible to know how many computer administrators applied the fix.

"People need to do a better job about fixing vulnerabilities," Schmidt said.

The latest attack was likely to revive debate within the technology industry about the need for an Internet-wide monitoring center, which the Bush administration has proposed. Some Internet industry executives and lawyers said they would raise serious civil liberties concerns if the U.S. government, not an industry consortium, operated such a powerful monitoring center.


[ This Message was edited by: Jim on 2003-01-26 10:29 ]
--
Posted: 2003-01-26 11:23:00
Edit : Quote

mariolouis Posts: 387

made me reformat my pc!!!
--
Posted: 2003-01-26 14:00:00
Edit : Quote

amagab Posts: > 500

no worries
--
Posted: 2003-01-26 14:18:00
Edit : Quote
New Topic   Reply
Forum Index

Esato home