MS SQL Server Worm Wreaking Havoc

defile writes "Since about midnight EST almost every host on the internet has been receiving a 376 byte UDP payload on port ms-sql-m (1434) from a random infected server. Reports of some hosts receiving 10 per minute or more. internetpulse.net is reporting UUNet and Internap are being hit very hard. This is the cause of major connectivity problems being experienced worldwide. It is believed this worm leverages a vulnerability published in June 2002. Several core routers have taken to blocking port 1434 outright. If you run Microsoft SQL Server, make sure the public internet can't access it. If you manage a gateway, consider dropping UDP packets sent to port 1434." bani adds "This has effectively disabled 5 of the 13 root nameservers."

Re:US Military Intelligence?

[ecalkin]

If it hadn't been for a last minute scud that hit a barracks and killed a bunch of US servicemen, the united states would have killed more of its own soldiers than iraq did. friendly fire may be an oxymoron, but it happens...

the time has come.

[seann]

all you rebel programmers, join together in a glory of defeat and dishonourment.
We will create an Anti-worm! It will counter these attacks, patching, disabling, and even illiminating!

Band together now!!!!!!!!

Re:Who did this I wonder?????

[Ilgaz]

Man/Woman, whoever you are... Now that was genius work, I have never seen such a thing in my life.

btw, feel free to "offtopic" me and waste my karma, I give my karma to that!

MSCE = Microsoft Certifed Solitaire Engineer

[Wolfgang]

Or what else does it mean?