LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Sponsored link

Vyatta – Linux & Open Source Alternative to Cisco – Advanced Routing, Firewall, VPN, QoS..
Free Download ->

Recent Features

Plugging into GCC

LWN.net Weekly Edition for October 2, 2008

Ubuntu debuts its Upstream Report

openSUSE and the distribution of proprietary software

LPC: What's happening with webcams

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

The MS-SQL worm: lessons for free software

The MS-SQL worm: lessons for free software

Posted Feb 6, 2003 17:58 UTC (Thu) by pflugstad (subscriber, #224)
In reply to: The MS-SQL worm: lessons for free software by AnswerGuy
Parent article: The MS-SQL worm: lessons for free software

Note that in order for connection rate limiting to have helped in the case of SQL Slammer, it would have had to limit UDP packets, as SQL Slammer used UDP. Not impossible, but unlikey.

I totally agree with you otherwise.

On a seperate note, the major reason SQL Slammer propagated as fast as it did was because it was UDP based. This let each infected host send probes to 100's or even 1000's of IP addresses each SECOND. It didn't have to wait for the normal TCL 3-way handshake to go on, dramatically increasing it's ability to spread.

Pete

(Log in to post comments)

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds