Slashdot Mirror

← Back to Stories (view on slashdot.org)

Why Old SQL Worms Won't Die

Posted by ScuttleMonkey on from the looking-for-a-user-security-patch dept.

narramissic writes "In a recent ITworld article, Security researcher Brent Huston ponders how it is that versions of SQL worms dating back to 2002 represent nearly 70% of all malicious traffic on the Internet today. 'I have made a few attempts to backtrack hosts that perform the scans and at first blush many show the signs of common botnet infections. Most are not running exposed SQL themselves, so that means that the code has likely been implemented into many bot-net exploitation frameworks. Perhaps the bot masters have the idea that when they infiltrate a commercial network, the SQL exploits will be available and useful to them? My assessment team says this is pretty true. Even today, they find blank "sa" passwords and other age-old SQL issues inside major corporate clients. So perhaps, that is why these old exploits continue to thrive."

3 of 64 comments (clear)

  1. of course by stoolpigeon · · Score: 4, Funny

    cut them in half and now you just have 2 worms! stop the madness!

    --
    It's hard to believe that's how Micronians are made. Why don't we see it right now by having you both kiss one another?
  2. Team 17 just made it too good by Alzheimers · · Score: 3, Funny

    What can I say? Team 17 made it a fun, accessible, simple yet requiring thought and strategy. The later 3D versions had problems with the camera, and the humor never matched up to the original.

  3. pulling the worms out by Gary+W.+Longsine · · Score: 2, Funny

    Your metaphor is creepy. I won't be using it in any marketing campaigns.

    --
    If you mod me down, I shall become more powerful than you could possibly imagine.