Security Protection – Harry Waldron MVP Rotating Header Image

SQL Slammer Worm – Activity increases in April

Security experts noted a sudden and unexplained drop in activity for this 8 year old Internet worm during March, but unfortunately this trend was only temporary.

SQL Slammer Worm – Activity increases in April http://blogs.mcafee.com/mcafee-labs/sql-slammer-worm-regains-momentum

QUOTE: At McAfee Labs every day we monitor millions of intrusion prevention systems (IPS) alerts from our sensors around the world. From these alerts, we often see interesting global data and trends. Recently, ISC noticed a sudden decline of Slammer traffic in the wild, which we also noticed on our sensors.

The infamous Slammer was a rapid-spreading worm that started on January 25, 2003. It targeted Microsoft SQL Server, and the worm traveled over UDP on port 1434, which contributes to its rapid spread. It is incredibly noisy, and it really never went away, even though the worm is eight years old!

To our surprise, the amount of traffic that we detect dropped significantly in early March, and we do not yet know the reason for the decline. What we have noticed, however, was that alerts for Slammer started to reappear early this month.

Comments are closed.