-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Nothing special here. The worm was just a bit more active scanning for potential customers , so generating large amounts of traffic. A network does not necessarily has to be a candidate to be scanned, it only has to exist. Scanning DOES generate traffic. Add to that , the potential candidates for the worm are servers running a particular software, these servers would normally have ample of bandwidth, this bandwidth being used for scanning for other potential customers will generate extra traffic and so forth. Add to that, the worm was really active, not waiting between scans, just scanning like mad. As for the note about the amateurs, i think the use of the word in this context is not correct. An amateur can know as much, and sometimes more then a pro, the only difference would be the fact that the amateur does not make a living in that field, the pro does. That was my humble opinion :-) Cheers Szemir On Tuesday 04 February 2003 19:08, you wrote: > I found this report on the way Slammer works. It explains that Slammer is > a kind of worm which hasn't really been seen in the wild before. It gives > details on why the worm could disrupt operations on networks which had no > instances of SQL Server 2000 running. > > http://www.caida.org/analysis/security/sapphire/ > > By the way I haven't heard of the people who wrote this document before, > does anybody know if they are competent? I ask because security is a > business with no room for amateurs, and it is a business that has alot of > amateurs in it. > > > > ----- Original Message ----- > From: "Shawn Grover" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Tuesday, February 04, 2003 2:58 PM > Subject: RE: (clug-talk) vintage os rocks big time :-) > > > Air Traffic Control would require real time data, and possibly store > > information for historical purposes. I doubt a failure in MSSQL would > > cause > > > any real grief to ATC. After all, if the system failed on storing data, > > wouldn't it still need to deal with the real time data? > > > > My thoughts. > > > > Shawn -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org
iD8DBQE+QIHrsv2SdkgY6dURAlNsAJsHZE0rfok/1dtnYuRK0pNTKZSBBwCgx5NT 1dajVySbjUMRX6QtLsoo/Lc= =XY3G -----END PGP SIGNATURE-----
