The Inside Story of SQL Slammer
In early 2003, a new worm took the Internet by storm, infecting thousands of servers running Microsoft's SQL Server software every minute. The worm, which became known as SQL Slammer, eventually became the fastest-spreading worm ever and helped change the way Microsoft approached security and reshaped the way many researchers handled advisories and exploit code. This is the inside story of SQL Slammer, told by the researcher who found the bug and wrote the exploit code that was later taken by Slammer's authors and used as part of the worm.
Sophie's grandfather had just finished regaling us with a story about how he, during the second world war, had managed to avoid reveille aboard his ship every day he served when my mobile phone started buzzing in my pocket. We were all out celebrating Sophie's 23rd birthday at our local Chinese restaurant in Cheam, lingering over dessert - toffee banana and ice-cream. Looking at my phone, I excused myself from the table and took the call; it was my brother.
"David, it's happened! Someone's released a worm."
"Worm? Worm for what?"
"Your SQL bug"
My stomach dropped. Telling Mark I'd call him back later I rejoined the table. Someone, I can't remember who, asked if everything was alright. "Not really," I replied, "I think there's going to be trouble."
