North American Network Operators Group

Re: Symantec detected Slammer worm "hours" before

  • From: k claffy
  • Date: Thu Feb 13 12:39:17 2003

On Thu, Feb 13, 2003 at 11:59:48AM -0500, Sean Donelan wrote:
  


davidmoore certainly thought it was cute when he saw it last nite:

david is impressed that deepsight was tracking the worm "hours before
    it began propagating".
david says, "What, did the worm author call them up and tell them,
    "hey, I'm letting it go in an hour!""

host -N, cool trick
about time someone overcame that 
inconvenient speed of light thing. tap tap
k

  
  Wow, Symantec is making an amazing claim.  They were able to detect
  the slammer worm "hours" before.  Did anyone receive early alerts from
  Symantec about the SQL slammer worm hours earlier?  Academics have
  estimated the worm spread world-wide, and reached its maximum scanning
  rate in less than 10 minutes.
  
  I assume Symantec has some data to back up their claim.
  
  http://enterprisesecurity.symantec.com/content.cfm?articleid=1985&EID=0
    "For example, the DeepSight Threat Management System discovered the
    Slammer worm hours before it began rapidly propagating. Symantec's
    DeepSight Threat Management System then delivered timely alerts and
    procedures, enabling administrators to protect against the attack
    before their environment was compromised."