Weekend's Worm: It's finally over!

[Prof.Wizard]

Jeez, these past 3 days I wasn't able to surf at all. Damn worm, it said it wasn't affecting Europe so much but I guess it found its way somehow.

I noticed however one thing: although most server-to-client uses (Internet pages, Outlook, ICQ, MSN Messenger, etc.) were hampered, peer-to-peer connections (Kazaa, SoulSeek, etc.) were working impeccably. I think this is the real power of NOT relying on servers but near supernodes.

What do you think?

 

[Mercutio]

Traffic is traffic, Prof.
The internet was just as clogged from the billions of UDP packets SQL Slammer sent out as it would've been by the more traditional attacks that Code Red initiated.

Distributed servers help allieviate traffic, of course, but all the supernodes in the world wouldn't help in places where the worm hit hard.

 

[Handruin]

I patched all my SQL servers yesterday. They aren't production environments, so I don't bother to stay up to date. But in a case like this it makes sense. They are also not visible to anyone outside of my work, so it wasn't a huge priority.

 

[Fushigi]

I patched all my SQL servers yesterday. They aren't production environments, so I don't bother to stay up to date. But in a case like this it makes sense. They are also not visible to anyone outside of my work, so it wasn't a huge priority.

We also block the SQL port at the firewall and as such we weren't impacted by the worm. The patch, though, is being applied regardless if it was not already installed.

- Fushigi

 

[Cliptin]

I found it interesting that not just SQL servers were affected.

All systems that use Microsoft Data Engine (MSDE 2000) are also open
to exploitation by this worm. The following is a list of some
applications that also install MSDE:

Microsoft Age of Mythology
Microsoft Biztalk Server
Microsoft Office XP Developer Edition
Microsoft Project
Microsoft SharePoint Portal Server
Microsoft Visio 2000
Microsoft Visual FoxPro
Microsoft Visual Studio.NET
Microsoft .NET Framework SDK
Compaq Insight Manager
Crystal Reports Enterprise
Dell OpenManage
HP Openview Internet Services Monitor
McAfee Centralized Virus Admin
McAfee Epolicy Orchestrator
Trend Micro Damage Cleanup Server
Websense Reporter
Veritas Backup Exec
WebBoard Conferencing Server
+
Cisco Building Broadband Service Manager 5.1
Cisco Building Broadband Service Manager 5.0
Cisco Call Manager 3.3
Cisco E-Mail Manager
Cisco Intelligent Contact Management 5.0
Cisco Unity Server 4.0
Cisco Unity Server 3.3
Cisco Unity Server 3.2
Cisco Unity Server 3.1
Cisco Unity Server 3.0
Microsoft SQL Server 2000 SP2
Microsoft SQL Server 2000 SP1
Microsoft SQL Server 2000
Microsoft SQL Server 2000 Desktop Engine
+ Microsoft Visio Enterprise Network Tools
+ SmartMax Software MailMax 5.0
Microsoft Windows 2000 Advanced Server SP3
Microsoft Windows 2000 Advanced Server SP2
Microsoft Windows 2000 Advanced Server SP1
Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Datacenter Server SP3
Microsoft Windows 2000 Datacenter Server SP2
Microsoft Windows 2000 Datacenter Server SP1
Microsoft Windows 2000 Datacenter Server
Microsoft Windows 2000 Professional SP3
Microsoft Windows 2000 Professional SP2
Microsoft Windows 2000 Professional SP1
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Server SP3
Microsoft Windows 2000 Server SP2
Microsoft Windows 2000 Server SP1
Microsoft Windows 2000 Server
Microsoft Windows 2000 Server Japanese Edition
Microsoft Windows NT Enterprise Server 4.0SP6a
Microsoft Windows NT Enterprise Server 4.0SP6
Microsoft Windows NT Enterprise Server 4.0SP5
Microsoft Windows NT Enterprise Server 4.0SP4
Microsoft Windows NT Enterprise Server 4.0SP3
Microsoft Windows NT Enterprise Server 4.0SP2
Microsoft Windows NT Enterprise Server 4.0SP1
Microsoft Windows NT Enterprise Server 4.0
Microsoft Windows NT Server 4.0SP6a
Microsoft Windows NT Server 4.0SP6
Microsoft Windows NT Server 4.0SP5
Microsoft Windows NT Server 4.0SP4
Microsoft Windows NT Server 4.0SP3
Microsoft Windows NT Server 4.0SP2
Microsoft Windows NT Server 4.0SP1
Microsoft Windows NT Server 4.0
Microsoft Windows NT Terminal Server 4.0SP6a
Microsoft Windows NT Terminal Server 4.0SP6
Microsoft Windows NT Terminal Server 4.0SP5
Microsoft Windows NT Terminal Server 4.0SP4
Microsoft Windows NT Terminal Server 4.0SP3
Microsoft Windows NT Terminal Server 4.0SP2
Microsoft Windows NT Terminal Server 4.0SP1
Microsoft Windows NT Terminal Server 4.0alpha
Microsoft Windows NT Terminal Server 4.0
Microsoft Windows NT Workstation 4.0SP6a
Microsoft Windows NT Workstation 4.0SP6
Microsoft Windows NT Workstation 4.0SP5
Microsoft Windows NT Workstation 4.0SP4
Microsoft Windows NT Workstation 4.0SP3
Microsoft Windows NT Workstation 4.0SP2
Microsoft Windows NT Workstation 4.0SP1
Microsoft Windows NT Workstation 4.0
Microsoft Windows XP
+ Microsoft Windows XP Home
+ Microsoft Windows XP Professional
Microsoft Windows XP 64-bit Edition SP1
Microsoft Windows XP 64-bit Edition
Microsoft Windows XP Home SP1
Microsoft Windows XP Home
Microsoft Windows XP Professional SP1
Microsoft Windows XP Professional

 

[James]

Until the backbone filters went in C&W was seeing over 500Mb/s of worm traffic on some interfaces.

 

[Buck]

Pheew, good thing Microsoft's Age of Empires was not affected.

 

[honold]

it is rather bad that windowsupdate doesn't encompass all their products as liveupdate does with symantec's.

there are *TONS* of people out there with vulnerable mdacs.

 

[Prof.Wizard]

it is rather bad that windowsupdate doesn't encompass all their products as liveupdate does with symantec's.

there are *TONS* of people out there with vulnerable mdacs.

honold's got a point. I hope they do implement a LiveUpdate sys in XP2.

 

[Pradeep]

it is rather bad that windowsupdate doesn't encompass all their products as liveupdate does with symantec's.

there are *TONS* of people out there with vulnerable mdacs.

honold's got a point. I hope they do implement a LiveUpdate sys in XP2.

Just so long as the LiveUpdate whodad doesn't check for the validity of your subscription and refuse to update after 90 days/1 year!