Re: Massive SQL Server attack

From: Bob A. Schelfhout Aubertijn MCSE (bobsklfk@NOSPAMquicknet.nl)
Date: 01/25/03

Next message: Chris Gilbert: "Re: PEAP-MS-CHAP V2 or EAP-TLS for Wireless Encryption"
Previous message: Bob A. Schelfhout Aubertijn MCSE: "Re: Massive SQL Server attack"
In reply to: Clint: "Massive SQL Server attack"
Next in thread: Benn Wolff: "Re: Massive SQL Server attack"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Bob A. Schelfhout Aubertijn MCSE" <bobsklfk@NOSPAMquicknet.nl>
Date: Sat, 25 Jan 2003 15:26:16 +0100

SOPHOS WARNS OF SQLSLAMMER INTERNET WORM

Sophos is advising companies to ensure their systems are up-to-date with
the latest security patches in response to a new internet worm
called W32/SQLSlam-A or SQLSlammer.

The worm relies upon a security vulnerability in some versions of Microsoft
SQL server, and creates traffic on UDP port 1434.

Sophos advises companies to ensure their systems are up-to-date with the
latest security patches, including the patch from Microsoft to protect
against the vulnerability exploited by the worm:
http://www.microsoft.com/technet/security/bulletin/MS02-039.asp

Sophos has posted more information about the worm at
http://www.sophos.com/link/slammer

Sincerely

Sophos technical support

--
repost in NG
Bob A. Schelfhout Aubertijn
======================================================
Please reply to the newsgroup only so that others can learn from this issue.
This message is provided "as is", with absolutely no warranties.
If this post or another solves your problem in any way, or gives you new ideas,
please have the common decency to inform the newsgroup of your farings.
We don't charge extra for being polite.  ;-)
======================================================

Next message: Chris Gilbert: "Re: PEAP-MS-CHAP V2 or EAP-TLS for Wireless Encryption"
Previous message: Bob A. Schelfhout Aubertijn MCSE: "Re: Massive SQL Server attack"
In reply to: Clint: "Massive SQL Server attack"
Next in thread: Benn Wolff: "Re: Massive SQL Server attack"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Nasty Virus Writers Get Even Nastier
... Thus far this year, Sophos has detected nearly 8,000 new viruses, up ... the average time from initial release to widespread infection is ... Gregg Mastoras, ... The long-running Zafi-D worm accounts for more than a quarter of all ...
(comp.dcom.telecom)
SOPHOS REPLY: RE: Gokar Worm?
... A virus identity file which provides protection is ... into the February 2002 release of Sophos Anti-Virus. ... affected by this worm. ... default.htm (which will be the home page of the website if the ...
(Incidents)
Re: New Worm/Variant -- MSDTC32?
... >>http://www.dials.ru/english/www_av/ which also detected this file as an Agobot variant. ... It still does not detect this worm. ... Here's what Sophos wrote: ... This IDE file also includes detection for: ...
(comp.security.misc)
Re: New Worm/Variant -- MSDTC32?
... > to supposedly provide protection against this variant. ... > not detect this worm. ... Did you put the IDE in the Sophos Sweep directory? ...
(comp.security.misc)
Re: suspicious email
... If you are infected by the w32.swen.@mm worm, ... >>Microsoft Policies on Software Distribution ... >>Information on Bogus Microsoft Security Bulletin Emails ... >>> Microsoft which porport to contain security patches. ...
(microsoft.public.security.virus)