[linux-elitists] MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!
Karsten M. Self
Sat Jan 25 00:19:33 PST 2003
on Sat, Jan 25, 2003 at 02:11:41AM -0500, Michael Bacarella (firstname.lastname@example.org) wrote:
> I'm getting massive packet loss to various points on the globe.
> I am seeing a lot of these in my tcpdump output on each
> 02:06:31.017088 220.127.116.11.3047 > 18.104.22.168.ms-sql-m: udp 376
> 02:06:31.017244 22.214.171.124 > 126.96.36.199: icmp: 188.8.131.52 udp port ms-sql-m unreachable [tos 0xc0
> It looks like there's a worm affecting MS SQL Server which is
> pingflooding addresses at some random sequence.
> All admins with access to routers should block port 1434 (ms-sql-m)!
> Everyone running MS SQL Server shut it the hell down or make
> sure it can't access the internet proper!
> I make no guarantees that this information is correct, test it
> out for yourself!
I'm on #debian ATM, this is the topic of some discussion. AU, UK, and
DE seem particularly affected.
Karsten M. Self <email@example.com> http://kmself.home.netcom.com/
What Part of "Gestalt" don't you understand?
Keep software free. Oppose the CBDTPA. Kill S.2048 dead.
More information about the linux-elitists