Definition - What does SQL Slammer mean?
SQL Slammer is a worm that targets unpatched Microsoft SQL 2000 servers. The worm spreads between servers, increasing traffic on UDP port 1434 and causing heavy network traffic that can slow down network performance and lead to denial of service. SQL slammer does not carry a destructive payload. Despite its name, it does not use the SQL language.
Home PCs generally aren’t affected by this worm. Because it stays in a system's memory, it is easy to remove.
Techopedia explains SQL Slammer
The 376-byte worm packet only affects SQL servers that are not running SP3, a Windows software service pack that includes a patch to fix the buffer overflow bug the worm exploits. The small piece of worm code generates random IP addresses and sends itself to those addresses from the infected system.
The main symptom of an SQL Slammer infection is high outgoing traffic to UDP 1434. Because the worm was able to fit into one packet, it could be propagated rapidly as computers fired off infected packets. As a result, it caused several denial-of-service attacks in 2002 and 2003. A patch provided by Microsoft in 2002, as well as increased media coverage of this worm, had greatly reduced the risk of infection by 2004.
Channeling the Human Element: Policy, Procedure and Process
Join thousands of others with our weekly newsletter
JOIN US AT THWACKCAMP 2016:
Free Whitepaper: The Path to Hybrid Cloud:
Free E-Book: Public Cloud Guide:
Free Tool: Virtual Health Monitor:
Free 30 Day Trial – Turbonomics: