Inside the Slammer Worm
نویسندگان
چکیده
Slammer (sometimes called Sapphire) was the fastest computer worm in history. As it began spreading throughout the Internet, the worm infected more than 90 percent of vulnerable hosts within 10 minutes, causing significant disruption to financial, transportation, and government institutions and precluding any human-based response. In this article, we describe how it achieved its rapid growth, dissect portions of the worm to study some of its flaws, and look at our defensive effectiveness against it and its successors.
منابع مشابه
Slammer: The First Blitz Worm
On January 25, 2003, the Slammer worm (also known as Sapphire) exploded on the Internet. Within ten minutes, it had taken over 90% of all unpatched computers running SQL Server or MSDE on the Internet. This article looks at several aspects of the Slammer infestation, including how it spread, the damage it caused, the crisis in vulnerability patching that it underscored, and the implications of ...
متن کاملDetecting Worm Propagation Using Traffic Concentration Analysis and Inductive Learning
As a vast number of services have been flooding into the Internet, it is more likely for the Internet resources to be exposed to various hacking activities such as Code Red and SQL Slammer worm. Since various worms quickly spread over the Internet using self-propagation mechanism, it is crucial to detect worm propagation and protect them for secure network infrastructure. In this paper, we prop...
متن کاملWorm Hotspots: Explaining Non-Uniformity in Worm Targeting Behavior
Long after the Blaster, Slammer/Sapphire, and CodeRedII worms caused significant worldwide disruptions, a huge number of infected hosts from these worms continue to probe the Internet today. This paper investigates hotspots (non-uniformities) in the targeting behavior of these important Internet worms. Recent data collected over the period of a month and a half using a distributed blackhole dat...
متن کاملAnalysis of BGP Update Surge during Slammer Worm Attack
Although the Internet routing infrastructure was not a direct target of the January 2003 Slammer worm attack, the worm attack coincided in time with a large, globally observed increase in the number of BGP routing update messages. Our analysis shows that the current global routing protocol BGP allows local connectivity dynamics to propagate globally. As a result, any small number of edge networ...
متن کاملNew Multi-step Worm Attack Model
The traditional worms such as Blaster, Code Red, Slammer and Sasser, are still infecting vulnerable machines on the internet. They will remain as significant threats due to their fast spreading nature on the internet. Various traditional worms attack pattern has been analyzed from various logs at different OSI layers such as victim logs, attacker logs and IDS alert log. These worms attack patte...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IEEE Security & Privacy
دوره 1 شماره
صفحات -
تاریخ انتشار 2003