Re: Win32/SQLSlammer.virus
From: Michael Irwin (mirwin@onebox.com)
Date: 03/05/03
- Next message: Bhikku: "How to shut down port # 1434?"
- Previous message: Bhikku Mhatre: "Re: not creating tables as dbo anymore ?"
- In reply to: Michael Irwin: "Re: Win32/SQLSlammer.virus"
- Next in thread: Steve Anderson: "Re: Win32/SQLSlammer.virus"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Michael Irwin" <mirwin@onebox.com> Date: Wed, 5 Mar 2003 07:30:26 -0800
<oops> ! Please ignore above post: I've found the answer
(no, it doesn't concern SQL Server 7) over on the Security
Tools forum.
Thanks
Mike
>-----Original Message-----
>Hi Don,
>
>Just a quick one regarding the Slammer; is MS SQL Server
7
>(sp4) susceptable to it too ? I ask because I haven't
>found any MS patches for SQL Server 7, but I haven't
found
>any advice from MS saying anything like "SQL Server 7 is
>vulnerable, but we're not issuing any protection - get
>2000 !"
>
>TIA
>
>Mike
>
>
>>-----Original Message-----
>>
>>The best tools for determining if you are vulernable to
>the Slammer worm are
>>here:
>>
>>http://www.microsoft.com/security/slammer.asp
>>
>>That page also includes a link to the "SQL Server
>Critical Update Wizard",
>>which will upgrade vulernable versions of SQL Server to
>have the patch for
>>the Slammer virus.
>>
>>So, first use the tool to determine if you are
>vulnerable. If you are
>>vulnerable, apply the patch.
>>
>>If the tool says you aren't vulnerable, you almost
>certainly aren't. In
>>that case, you'll need to examine other possibilities
for
>why your machine
>>is not working properly. If you are running WinXP, then
>I would suggest
>>launching the "taskmgr.exe" program, switching to
>the "Processes" tab, and
>>clicking on the "CPU" column twice to sort the display
by
>the amount of CPU
>>time (displayed as a percentage) being used by
>processes. Is there a single
>>process which is using 90% or more CPU? What is the
name
>of that process?
>>If there is no single process using significant amounts
>of CPU, I would next
>>sort on the "Mem Usage" column, and see if you have an
>app which is
>>consuming huge amounts of memory.
>>
>>--Don
>>
>>--
>>This posting is provided "AS IS" with no warranties, and
>confers no rights.
>>
>>
>>
>>"Steve" <sasea47@msn.com> wrote in message
>>news:07af01c2e1e8$605412a0$3401280a@phx.gbl...
>>> This is my third post. The slammer is slowly eroding
my
>>> ability to respond by email. So, this may be my last
>>> message until I totally rebuild my system. I have had
>>> several advices on how to rid my system,....nothing has
>>> worked. So please help, otherwise I have no options
>>> other than to try and rebuild my computer. Read two
>>> other posts I have sent.
>>>
>>> I run WindowsXPProfessional with OfficeXPProfessional.
>It
>>> was built by DELL and I have MSDEVELOPE7 installed. I
>do
>>> not have SQLSERVER or DESKTOPENGINE, so this has been
>>> confusing. I do have MSDASQL.DLL & RLL along with
>>> SQLSERV32.DLL & RLL. But I do not have MSSQL*
>>>
>>> I have BlackIce Firewall with my UDP 1434 port turned
>off
>>> (2weeks now). So theoretically I shouldn't have the
>>> worm. It's possible that the EZVirus protection I have
>>> isn't identifying this correctly. I sent them a
>>> response, but haven't heard back. I can't access my
>>> email now, so would have to wait until I get back to
>work
>>> to find that out.
>>> Any suggestions would help.
>>>
>>> Thanks,
>>> Steve
>>
>>
>>.
>>
>.
>
- Next message: Bhikku: "How to shut down port # 1434?"
- Previous message: Bhikku Mhatre: "Re: not creating tables as dbo anymore ?"
- In reply to: Michael Irwin: "Re: Win32/SQLSlammer.virus"
- Next in thread: Steve Anderson: "Re: Win32/SQLSlammer.virus"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
