Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
862
Views
0
Helpful
0
Comments

How to mitigate the impact of the Slammer, Sapphire, and MS SQL worm

TCC_2
Level 10
Level 10

‎06-22-2009 05:07 PM - edited ‎03-08-2019 06:21 PM

Core issue

The worm signature is high volumes of User Datagram Protocol (UDP) traffic to port 1434. Affected customers experience high volumes of traffic from both internal and external systems. Symptoms on Cisco devices include (but are not limited to) high CPU and traffic drops on the input interfaces.

Transmission Control Protocol (TCP) port 1433 and UDP port 1434 are used for Structured Query Language (SQL)server traffic. A new worm targets UDP port 1434. This worm attempts to exploit the buffer overflow vulnerability in Microsoft's SQL Server.

Resolution

For more information, refer to these documents:

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents