KLC Consulting, Inc.
Information Security Services
info@klcconsulting.net 

SQL Slammer Worm Analysis

Tel: 617-921-5410

Translate

Home

About KLC

Services

SMAC

Trojan Analysis Security Resources Spoof MAC Address

Last Update: 02/05/2003


SQL Slammer / Sapphire / SQL Hell / W32.SQLExp.Worm

SQL Slammer send UDP port 1434 packets to attack SQL Server 2000 and MSDE 2000 software flaw.  

SQL Server Service Pack 3, or Microsoft Security Patch Q323875_SQL2000_SP2_en.EXE would prevent this attacks.  The Security Patch was available in July, 2002 by Microsoft.  

This incident again restated the importance of Patch Management on critical servers.  

KLC Consulting, Inc. has the complete Patch Management solutions that will fit your environment and budget.  It may prevent the next Viruse/Worm/Trojan outbreaks like SQL Slammer, Nimda, and Code Red and save you a lot of money and grief.  We will assist you resolving this major issue.  Please send us your contact information and we will contact you within the next business day.


SQL Slammer Worm Advisories / Analysis:

CERT ISS X-force
Microsoft Symantec
McAfee RobertGraham.com

SQL Slammer Removal Tools:

Symantec SQL Slammer Removal Tool

BitDefender

 

SQL Slammer Reverse Engineering:

http://digitaloffence.net/worms/mssql_udp_worm

http://www.boredom.org/~cstone/worm-annotated.txt

http://www.snafu.freedom.org/tmp/1434-probe.txt

http://www.immunitysec.com/downloads/disassembly.txt

http://www.techie.hopto.org/sqlworm.html

http://www.eeye.com/html/Research/Flash/sapphire.txt

 

  Site Meter

 

Copyright 2002-2003 KLC Consulting, Inc..
All rights reserved.