Information Security News mailing list archives

Wired Magazine Story to Detail Slammer Web Attack


From: InfoSec News <isn () c4i org>
Date: Fri, 6 Jun 2003 01:05:31 -0500 (CDT)

http://reuters.com/newsArticle.jhtml?type=internetNews&storyID=2886808

By Reed Stevenson
June 5, 2003

SEATTLE (Reuters) - Wired magazine is planning to publish the
underlying code for the Slammer worm that slowed Internet traffic to a
crawl in January, raising questions over whether such articles inspire
future hackers or educate potential victims.

The article, which will be published in Wired's July issue due out on
Tuesday, details how the Slammer worm, also known as "SQL Slammer,"  
spread rapidly through the Internet on Jan. 25, shutting down Internet
service providers in South Korea, disrupting plane schedules and
knocking out automatic teller machines.

The article includes the underlying software code for Slammer.

"The thing to note here is that the people who are in a position to
wreak havoc on the Internet don't have to read about it on Wired,"  
said Blaise Zerega, managing editor of Wired, which covers a range of
subjects centered around technology.

"But the people who are in a position to prevent it from happening do
read Wired. Our thinking was to shine a light on the problems and
issue a wake-up call," Zerega said.

Slammer caught many tech-savvy companies by surprise including
Microsoft Corp. (MSFT.O), which had already installed a critical
software patch for SQL software for networked computer servers that
would have averted most of the damage.

Redmond, Washington-based Microsoft, which even saw some of its own
servers running SQL software infected by the Slammer worm, also came
under fire although it had issued a patch for the security hole months
before Slammer had hit.

Vincent Weafer, senior director of security response at computer
security company Symantec Corp. (SYMC.O), said that while detailed
articles could be important in raising computer security awareness,
they also needed to be handled with care.

"It's something you need to be cautious of, particularly in a
broad-based magazine," Weafer said.

"You need to be aware of your audience and what you're saying to
them," Weafer said.

In the article, entitled "Slammed! An inside view of the worm that
crashed the Internet in 15 minutes," writer Paul Boutin details how
Slammer's computer code infiltrates a software program and replicates
itself.

Slammer caused damage by duplicating itself rapidly and spreading to
other vulnerable computers, clogging Internet traffic.

The article does not provide details on how to plant the worm, or how
to erase any trace of doing so, which would be the most important step
for a malicious hacker who wanted to avoid being caught, experts
noted.

"I think the approach to safeguarding the Internet should not be break
and fix," said Wired's Zerega, "It should be proactive and that's what
we're doing here."



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.

