The Slammer worm is one of the earliest discovered pieces of malware in the computer world. It infected over 90% of the vulnerable computers within ten minutes, causing severe disruption to nearly all sectors of society. The malware's unique attribute is the speed at which it spread among vulnerable computers, which makes it a dangerous worm in computer history.
The worm attacks by random scanning: it selects IP addresses at random and infects vulnerable computers at breakneck speed. It then spreads exponentially, and its replication consumes bandwidth, which causes site-specific variation within the system. Although the worm carried no malicious payload, it overloaded networks and caused servers to fail, resulting in complete failure of the computer system. The Slammer worm compromises a host by exploiting a buffer-overflow vulnerability in Internet-connected computers running Microsoft SQL Server Desktop Engine (MSDE) 2000 or Microsoft's SQL Server.
Slammer is a high-speed worm: it spreads to other networks by scanning and, being limited by bandwidth, delivers its exploit payload to a vulnerable computer, which in turn transmits the packets. However, because of its speed, the worm was stopped by automated worm defense, which proved effective in reducing the variability of the computers. Additionally, human-mediated filtering is useful in reducing scan traffic and thus stopping the worm from propagating to other systems, but the ultimate defense is to develop techniques and updated tools that respond automatically to the threat.
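
The exponential spread from random scanning and the effect of filtering scan traffic, both described above, can be illustrated with a small expected-value model. This is an added example, not part of the original text; the host count and per-host scan rate are illustrative assumptions, as are all function and variable names.

```python
import math

ADDRESS_SPACE = 2 ** 32  # IPv4 addresses a random scanner draws from


def seconds_to_fraction(vulnerable, scans_per_sec, fraction,
                        filter_drop=0.0, seeds=1, max_seconds=86_400):
    """Expected seconds until `fraction` of vulnerable hosts are infected.

    filter_drop is the share of scan packets dropped by upstream filtering.
    Returns None if the target is not reached within max_seconds.
    """
    if not 0.0 <= filter_drop <= 1.0:
        raise ValueError("filter_drop must be between 0 and 1")
    effective_rate = scans_per_sec * (1.0 - filter_drop)
    # Log of the probability that one random probe misses a given host.
    log_miss = math.log1p(-1.0 / ADDRESS_SPACE)
    infected = float(seeds)
    target = fraction * vulnerable
    for second in range(1, max_seconds + 1):
        probes = effective_rate * infected
        # Probability a given clean host is probed at least once this second.
        p_hit = -math.expm1(probes * log_miss)
        infected += (vulnerable - infected) * p_hit
        if infected >= target:
            return second
    return None


# Illustrative parameters (assumptions, not figures from the text above).
VULNERABLE_HOSTS = 75_000
SCANS_PER_SECOND = 4_000

if __name__ == "__main__":
    for drop in (0.0, 0.5, 0.9, 0.99):
        t = seconds_to_fraction(VULNERABLE_HOSTS, SCANS_PER_SECOND, 0.9, drop)
        label = "not reached in 24 h" if t is None else f"{t / 60:.1f} min"
        print(f"{drop:>4.0%} of scan traffic filtered -> 90% infected after {label}")
```

Under these assumptions the unfiltered run reaches 90% in a few minutes, while filtering only stretches the timeline roughly in proportion to the traffic dropped, which is why a response has to be automated to act inside that window.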