'Slammer' worm brings Web to a crawl
Worm exploited
known weakness in Microsoft software
Feb.
2, 2003
By
JIM BROOKS
Computer
servers around the world were brought to their knees recently by
a computer bug that targeted a known flaw in a version of Microsoft
server software.
Experts
say more than 250,000 computers worldwide were affected the weekend
of Jan. 25th by a fast-spreading computer worm called SQL Slammer.
The bug took advantage of a well-known weakness in Microsoft's SQL
Server 2000 database software, overloading servers until they could
barely function.
The
SQL Slammer (also known as "Sapphire") hit South Korea
and other parts of Asia hardest. There were reports of computer
servers around the globe suffering from the worm's effects.
From
an infected server, the SQL Slammer sent out data requests to random
Internet addresses in a search for other servers that could be infected.
The process created a flood of traffic, which slowed down networks
and Internet traffic.
The
worm affected only servers running the SQL (pronounced "see-quill")
Server 2000 software. It did not affect desktop computers.
A computer
worm differs from a computer virus in that a worm generally attempts
to spread itself without human intervention. For example, some computer
worms will find a user's e-mail address book and automatically mail
itself to every address listed.
The
security hole the worm took advantage of had been identified more
than six months ago. Microsoft had already issued a patch to fix
the flaw, though apparently not all system managers took time to
install the patch.
Ironically,
some of Microsoft Corp.'s own computers fell victim to the SQL Slammer,
according to the IDG News Service. The affected machines were some
used in-house by SQL developers, Microsoft said. But the flood of
traffic created by these infections in Microsoft's network temporarily
brought down the activation service for Microsoft's Windows XP operating
system.
The
worm's success points out the need to keep computer software updated
with the latest patches and upgrades, Rick Miller, a Microsoft spokesman
told IDG. "The biggest lesson with this worm is that if you
don't patch, you're gonna get hit," he said.
AOL
TROUBLES. The impact of media giant AOL Time Warner's record
$98.2 billion annual loss has filled business news pages as the
company struggles to find leadership and direction.
When
AOL's acquisition of Time Warner was announced in January 2000,
it was a huge transaction valued at more than $165 billion. By the
time the purchase was completed a year later, AOL's stock value
had already begun its decline, making the deal worth approximately
$106 billion, which is barely more than the company's recently announced
annual loss.
But
buried in all the news about the company's stock price was equally
shattering news for America Online, the nation's largest Internet
provider.
For
the first time in the service's history, the number of U.S. subscribers
fell in the last three months of 2002. The slump hit despite the
well-promoted rollout of AOL 8.0 and more than $1 billion spent
on advertising and promotion last year.
AOL's
subscriber troubles began during the third quarter of 2002, when
the rate of new subscribers plummeted. Despite the decrease, AOL
still reported 1.2 million new subscribers for the calendar year.
Analysts
say that AOL's competition is high-speed broadband Internet access
-- typically DSL through phone companies or cable Internet on cable
TV lines. To maintain or grow its subscriber base, the company will
need to bolster its content and services that will take advantage
of the capability of broadband access.
Depending
on whose figures you believe, broadband Internet access isn't as
common as you think -- primarily because the price of the high price
of broadband access. While it may be seen as "old school,"
traditional dial-up Internet access is cheaper, reliable and available
nearly everywhere a telephone can go.
AUCTION
ACTION. Auction giant eBay.com has removed an auction listing
for the services of the entire former staff at the ZDNet Tech Update
Web site.
The
11-member group had been laid off earlier this month by their parent
company, CNET Networks, and the group collectively was offering
their services for "salary and benefits in the high six figures."
The
group lost their jobs as part of a previously announced plan by
CNET to reduce its staff.
But
eBay pulled the auction listing following a request from CNET's
legal staff, citing concerns the auction was misleading and could
impact the CNET brand by implying it was involved with the auction.
The
group's leader, former ZDNet worker Lee Schlesinger, posted the
auction again after making some changes. More than 1,600 people
viewed the auction listing and 24 bids were submitted before eBay
removed the auction again, citing that eBay members cannot sell
themselves or other humans in a listing.
Schlesinger
told the Boston Globe he wouldn't repost the listing. He said the
listing was successful -- even though he and his colleagues didn't
find new jobs with the auction, they did gather a great deal of
free publicity.
In
another prank last week, an eBay user posted a tongue-in-cheek auction
listing for the entire country of Iraq.
"Help
your planet and improve your portfolio at the same time by purchasing
the nation with the location," the listing said about Iraq.
The list of amenities included, of course, "OIL! OIL! OIL!"
The
listing lasted only a day before it was ended, though it remains
in eBay's database as a completed auction, appropriately located
in the "Everything Else/Weird Stuff/Slightly Unusual"
category.
For
more information on this and other oddball auctions, visit www.ebay.com.
SAINT
DOT-COM? The Roman Catholic Church has long had its patron saints
-- saints chosen as special protectors or guardians over areas of
life. These areas can include occupations, illnesses, churches,
countries, causes, etc.
The
Vatican has been working on naming a patron saint of Internet users
for more than two years. According to the database of saints at
the Catholic Online Web site (www.catholic.org), St. Isidore of
Seville remains the frontrunner as the official patron saint for
Web users.
St.
Isidore never owned a computer, but he wrote what is called the
world's first encyclopedia, known as the Etymologia. The Etmyologia
was written more than 1,400 years ago, and was a 20-volume collection
of writings on subjects ranging from art and medicine to literature
and agriculture. Spanish Catholics designated St. Isidore as "protector"
of World Wide Web in 1999.
Other
candidates for the post as the Internet's patron saint are being
gathered by Holy Saints, a Roman Catholic organization headquartered
in Northern Italy.
The
Web site has a list of six additional candidates for patron saint
that include front-runner Saint John Bosco, followed by Father Giacomo
Alberione, who was beatified by the Pope in December; Sant'Alfonso
Mara de Liguori, an 18th-century poet, musician, architect, painter,
and later a priest. Trailing in fourth-place was the Angel Gabriel.
To
cast a vote, you can visit the Holy Saints Web site, www.santibeati.it.
If you visit this site, you better take your English-Italian dictionary,
as the site is available only in Italian.
|
