Dissecting the SQL Slammer

By Deane Barker on June 9, 2003

Wired 11.07: Slammed!: Here’s the story that Wired took some heat about. The first page is a harrowing look at the spead of the SQL Slammer virus written in a style that would make Michael Crichton proud. The second page tells you how it works.

“By 12:45 am, huge sections of the Internet began to wink out of existence. Net Access Corporation, one of the Northeast’s largest ISPs, sent out an early SOS: ‘Nearly half our ports are in delta alarm right now.’ Up on the big screen, Maresh could see backbone carrier Level 3’s transcontinental chain of routers trying to find working paths to the rest of the world – and failing. Three hundred thousand cable modems in Portugal went dark, and South Korea fell right off the map: no cell phone or Internet service for 27 million people.”

Microsoft posted this sometime later with further instructions on how to secure SQL Server:

“On June 10, Wired Magazine ran an article titled “Slammed! An Inside View of the Worm that Crashed the Internet in 15 Seconds” (Wired Magazine, July 2003). This article includes a copy of the Slammer worm source code. Publication of the source code could make it possible for someone to create a more damaging variant of the Slammer worm.”