back to article Slammer worm slithers back online to attack ancient SQL servers

One of the world's most famous net menaces, SQL Slammer, has resumed attacking servers some 13 years after it set records by infecting 75,000 servers in 10 minutes, researchers say. The in-memory worm exploits an ancient flaw in Microsoft SQL server and Desktop Engine triggering denial of service, and at the time of its …

  1. Doctor Syntax Silver badge

    "Only a few customers were affected"

    "Your security is important to us"

    "Nation state attack"

    We'll hear all the old familiar lines. I wonder who from...

    1. Adam 1

      No credit card information is believed to have been exposed.

      1. Doctor Syntax Silver badge

        Lessons have been learned.

    2. tr1ck5t3r

      It is interesting. Try this for an experiment.

      Windows 7 hooked up to a Draytek Vigor 120 using ppoe to log onto your broadband connection.

      Only network attacks being blocked is this slammer worm coming in on the SQL port.

      Now boot from a Linux live cd like Ubuntu using same vigor 120 with pope and you'll get loads of different types of network attacks.

      What info is sent out? Windows 7 communicates with MS which adjusts the network icon to say its online.

      Try the same with XP, but remove the time server references from the registery and disable windows updates so theres no apparent communication with the outside world and your XP device will still talk to MS.

      UEFI allows device drivers to be remotely installed irrespective of your OS, and most firewalls communicate whats behind it through DNS lookups in a particular order.

      I do wonder whose really behind these hacks.

      Can a trillionaires billion dollar company be so inept at making software they are still in business and that rich unless they are getting lucrative contracts from Govt to hide the fact the US Tech giants just spy on their users, much like Telco & mobile companies listen into calls and track your movements?

      CEO's & board members have a price to keep quiet about the spying they facilitate which is more than can be said for the dumb twats who work in law enforcement or the spooks for a pittance!

  2. Brian Miller Silver badge

    Bugs? Fixed? Really?

    Wow! A blast from the past. What's next? Oh, yeah, Windows can be taken down with a bad SMB link.

    I guess we do need the ROTM to patch all of the fscking bugs and write good software for us.

    1. Adam 1

      Re: Bugs? Fixed? Really?

      What next? My prediction is an embedded font based vector.

      /Pun not intended but I'm easily amused so I had a chuckle.

    2. Lotaresco Silver badge

      Re: Bugs? Fixed? Really?

      " What's next?"

      Probably time for WinNuke to make a reappearance.

  3. Alister Silver badge

    Slammer attack traffic came from IP addresses in China, Vietnam, and Mexico.

    What we need to do is ban all IP traffic from those countries through our borders, even if they have current visas, and then build a Yuge firewall.

    1. Anonymous Coward
    2. Lotaresco Silver badge

      "What we need to do is ban all IP traffic from those countries through our borders, even if they have current visas, and then build a Yuge firewall."

      This is tremendous news folks. Tremendous. This is the best news. It's the best. I run a company it's the best company in the world. The best. Tremendous. Do my hands look big in this?

  4. davidp231

    All your SQL tables are belong to us?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020