SQL slammer analysed
16th February 2003
Robert Graham’s analysis of SQL Slammer cleared up quite a few things I had been wondering about the worm. It confirms that the majority of the infections were caused not by SQL Server (as reported widely by the press) but by the embedded MSDE component, which is far less likely to be patched (or firewalled off from the public internet) than SQL Server.
Incidentally, Curious Yellow is a fascinating explanation of a theoretical “co-ordinated super-worm” capable of adapting to attempts to combat it using advanced peeer to peer techniques. It is an extension of the Warhol worm concept where a worm that pre-scans the internet for targets could infect all susceptile hots world-wide in less than 30 seconds. Scary stuff.
More recent articles
- Six short video demos of LLM and Datasette projects - 22nd January 2025
- DeepSeek-R1 and exploring DeepSeek-R1-Distill-Llama-8B - 20th January 2025
- My AI/LLM predictions for the next 1, 3 and 6 years, for Oxide and Friends - 10th January 2025