Big Trouble on the Net Today
#1
Scooby Regular
Thread Starter
Join Date: Dec 2001
Location: Arborfield, Berkshire
Posts: 12,387
Likes: 0
Received 0 Likes
on
0 Posts
If youve noticed the Net being slow today it looks like yet another worm has been released causing chaos on internet links worldwide. Looks like its something to do with SQL on Port 1434.
No reports on the register etc as yet but believe me this is big!
Simon.
No reports on the register etc as yet but believe me this is big!
Simon.
#2
Scooby Regular
Thread Starter
Join Date: Dec 2001
Location: Arborfield, Berkshire
Posts: 12,387
Likes: 0
Received 0 Likes
on
0 Posts
It looks like everyone is suffering from a Distributed Denial of
Service attack. It seems to be related to MS SQL servers that suddenly start sending loads of UDP traffic to random IP addressess on port 1434. This keeps on increasing, eventually maxing out links.
Simon.
Service attack. It seems to be related to MS SQL servers that suddenly start sending loads of UDP traffic to random IP addressess on port 1434. This keeps on increasing, eventually maxing out links.
Simon.
Trending Topics
#10
Scooby Regular
Thread Starter
Join Date: Dec 2001
Location: Arborfield, Berkshire
Posts: 12,387
Likes: 0
Received 0 Likes
on
0 Posts
We have loads of customers shutting their routers off due to the problems its causing them. Doesnt seem thay many customers are aware as yet. Im off for 5 days on monday so Ill miss the aftermath - ah joy!
#11
Scooby Regular
Join Date: Sep 2001
Location: Kingston ( Surrey, not Jamaica )
Posts: 4,670
Likes: 0
Received 0 Likes
on
0 Posts
One of our rotating banner providers has been down since 05:30 this morning ~ had to come into the office to put in some workarounds .. grrrrrr
Steve
Steve
#12
Where do you work P1Fan...
We got totally fcuked today, costs a lot of cash in my game.
But me not being IT I just get to sit here looking stoopid whilst IT runs round pulling wires out of stuff
oh well....at least someone left a copy of evo lying around
We got totally fcuked today, costs a lot of cash in my game.
But me not being IT I just get to sit here looking stoopid whilst IT runs round pulling wires out of stuff
oh well....at least someone left a copy of evo lying around
#13
Scooby Regular
Thread Starter
Join Date: Dec 2001
Location: Arborfield, Berkshire
Posts: 12,387
Likes: 0
Received 0 Likes
on
0 Posts
I work for WorldCom mate. We knew about it just after midnight. Didnt impact our network that much as we got filters up to reduce traffic.
Simon.
Simon.
#14
Dunno.... but it is causing real trouble here, think we have a load of people from Siemens here sorting stuff.
Apparently BT lost a lot of systems... but I don't really know what I am talking about
Apparently BT lost a lot of systems... but I don't really know what I am talking about
#17
Scooby Regular
Thread Starter
Join Date: Dec 2001
Location: Arborfield, Berkshire
Posts: 12,387
Likes: 0
Received 0 Likes
on
0 Posts
#19
Scooby Regular
Thread Starter
Join Date: Dec 2001
Location: Arborfield, Berkshire
Posts: 12,387
Likes: 0
Received 0 Likes
on
0 Posts
Its looking ok at the moment. I cant say exactly what happened as its more than my jobs worth posting that sort of stuff on a public bbs. If you look on the register it should give you the lowdown.
Simon.
[Edited by P1Fanatic - 25/01/2003 19:40:17]
Simon.
[Edited by P1Fanatic - 25/01/2003 19:40:17]
#20
Scooby Regular
Thread Starter
Join Date: Dec 2001
Location: Arborfield, Berkshire
Posts: 12,387
Likes: 0
Received 0 Likes
on
0 Posts
#22
And Barclaycard, Commerzbank, Citibank, EdF, London Electricity, Transco.....they're just a few! **** and they are only some of the 24/7 places that have weekend people to pick up on it.
Monday will be chaos in London.... no central line and all the computers hacked.
Monday will be chaos in London.... no central line and all the computers hacked.
#23
Moderator
iTrader: (2)
This threat has a special Risk Assessment - it is "High" only for unpatched systems (only affects SQL servers not running SP3):
After the week I've just had & now being on holiday, I'm sure as hell glad I've got SP3 running - that & lots of other protection...
Phew...
#24
We were supposed to be patched though.... Que???? We spend fecking loads (I mean really lots) on IT, what a pi55 take!
Dunno...think there were some computers running SQL analytics type jobs (I'm no IT honcho in case you couldn't tell) and they got it in the data they were downloading (weather data i think???)
[Flame Suit Donned] I find it fascinating though... you know in the same way you can find those master criminal roberies...even though you cannot condone the action or the cost to innocent people etc etc
Night people.... H
[Edited by Houlbt - 1/25/2003 11:42:27 PM]
Dunno...think there were some computers running SQL analytics type jobs (I'm no IT honcho in case you couldn't tell) and they got it in the data they were downloading (weather data i think???)
[Flame Suit Donned] I find it fascinating though... you know in the same way you can find those master criminal roberies...even though you cannot condone the action or the cost to innocent people etc etc
Night people.... H
[Edited by Houlbt - 1/25/2003 11:42:27 PM]
#27
Scooby Regular
#28
Scooby Regular
Join Date: Sep 1999
Location: In the garage or in bed
Posts: 7,278
Likes: 0
Received 0 Likes
on
0 Posts
Miles
[img]images/smilies/mad.gif[/img]That fookin site has the habbit filling your screen with **** knows how many popups[img]images/smilies/mad.gif[/img] I wish i could **** there servers up somehow as that sort of thing realy gets on my t1ts and it's almost as bad as junk mail through the post[img]images/smilies/mad.gif[/img]
Huxley
[img]images/smilies/mad.gif[/img]That fookin site has the habbit filling your screen with **** knows how many popups[img]images/smilies/mad.gif[/img] I wish i could **** there servers up somehow as that sort of thing realy gets on my t1ts and it's almost as bad as junk mail through the post[img]images/smilies/mad.gif[/img]
Huxley