SQL Slammer doing the rounds again?

sradnidge_at_hotmail.com
Date: 11/11/03

Next message: Mike Barushok: "Re: SQL Slammer doing the rounds again?"

Previous message: gerry: "Re: client's TCP port 256 hammered by several hosts- solved!!"
Next in thread: Mike Barushok: "Re: SQL Slammer doing the rounds again?"
Reply: Mike Barushok: "Re: SQL Slammer doing the rounds again?"
Reply: Damian Lennon: "RE: SQL Slammer doing the rounds again?"
Maybe reply: Jim Harrison (ISA): "RE: SQL Slammer doing the rounds again?"
Maybe reply: Jim Harrison (ISA): "RE: SQL Slammer doing the rounds again?"
Maybe reply: Thompson, Jimi: "RE: SQL Slammer doing the rounds again?"
Maybe reply: David LeBlanc: "RE: SQL Slammer doing the rounds again?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: 11 Nov 2003 02:03:12 -0000
To: incidents@securityfocus.com

('binary' encoding is not supported, stored as-is)

Hi all,

We seem to be noticing a large increase on UDP 1434 across our enterprise worldwide, first starting in Europe, then spreading to the Americas and now looks to be heading our way in Asia. Anyone else seen a resurgence in this Slammer-like activity?

Cheers

Stuart

---------------------------------------------------------------------------
Network with over 10,000 of the brightest minds in information security
at the largest, most highly-anticipated industry event of the year.
Don't miss RSA Conference 2004! Choose from over 200 class sessions and
see demos from more than 250 industry vendors. If your job touches
security, you need to be here. Learn more or register at
http://www.securityfocus.com/sponsor/RSA_incidents_031023
and use priority code SF4.
----------------------------------------------------------------------------

Next message: Mike Barushok: "Re: SQL Slammer doing the rounds again?"

Previous message: gerry: "Re: client's TCP port 256 hammered by several hosts- solved!!"
Next in thread: Mike Barushok: "Re: SQL Slammer doing the rounds again?"
Reply: Mike Barushok: "Re: SQL Slammer doing the rounds again?"
Reply: Damian Lennon: "RE: SQL Slammer doing the rounds again?"
Maybe reply: Jim Harrison (ISA): "RE: SQL Slammer doing the rounds again?"
Maybe reply: Jim Harrison (ISA): "RE: SQL Slammer doing the rounds again?"
Maybe reply: Thompson, Jimi: "RE: SQL Slammer doing the rounds again?"
Maybe reply: David LeBlanc: "RE: SQL Slammer doing the rounds again?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

RE: Probable Trojan.
... When you do a netstat -an from the command prompt, do you see the UDP ... "The Thief" Trojan runs on TCP port 1053, and since this is UDP I doubt ... Network with over 10,000 of the brightest minds in information security ... most highly-anticipated industry event of the year. ...
(Incidents)
Probable Trojan.
... Have a buddy complaining about his AOL account password being stolen every time he logs onto AOL from his PC at work. ... 1688 IEXPLORE -> 1191 UDP C:\Program Files\Internet Explorer\IEXPLORE ... Network with over 10,000 of the brightest minds in information security ... most highly-anticipated industry event of the year. ...
(Incidents)
RE: CEH and Intense School
... Q-How many times has this course been delivered ... You want more than 4 to know the bugs are ironed out in labs and so on. ... Network with over 10,000 of the brightest minds in information security ... most highly-anticipated industry event of the year. ...
(Pen-Test)
Re: strange ftp site
... >Network with over 10,000 of the brightest minds in information security ... most highly-anticipated industry event of the year. ... Learn more or register at ... >and use priority code SF4. ...
(Incidents)
Re: Pen-testing remote VPN services over IP
... Check out IKEcrack from Anton Rager. ... >Chris McNab ... >Network with over 10,000 of the brightest minds in information security ... most highly-anticipated industry event of the year. ...
(Pen-Test)