• United States

Could Microsoft be justifiably blamed for spread of Slammer?

Feb 03, 20032 mins
Enterprise ApplicationsMicrosoftSecurity

* It's easy to blame Microsoft

Microsoft is getting slammed for the so-called Slammer virus that was launched last week. A small part of the blame could be apportioned to Microsoft as well as to system administrators, but the majority of the problem could be laid at the feet of the ISPs and other ‘keepers of the Internet plumbing’.

Last week, the Slammer worm attacked SQL Server 2000 installations that had not been patched with a fix that was released many months ago. To Microsoft’s chagrin, this included some of its own SQL Server 2000 installations. The fix was so difficult to install (requiring hours of downtime for the database servers) that a number of people simply hadn’t yet had time to apply the patch.

Some SysAdmins, though, used the length of time as an excuse to skip the patch and their installations suffered during the attack.

But, as almost all the news outlets reported, the real problem was because the worm was so random and aggressive in its scanning for computers to attack that it flooded many of the Internet’s “data pipelines” (as described by one Australian news source).

It wasn’t Microsoft or SysAdmins who failed to respond to what appeared to be a standard denia-of-service attack, but the keepers of those ‘data pipelines’ – the ISPs and major telcos who control Internet traffic. Once the nature of the packet flooding was identified steps were taken to control the denial-of-service attack – but that took far too long.

Blaming Microsoft is easy to do, but it’s misguided. Should Windows be replaced as the most popular operating system, then the new one would become the popular target for crackers and script kiddies. They aren’t motivated by their love, fear or hate of Microsoft but by the possibility of being able to bring down large installations and major parts of the worldwide network. If all of those servers were, overnight, migrated to Linux, for example, then Linux worms, viruses and Trojan horses would proliferate like wildfire.

Microsoft has been quick to fix any vulnerabilities that are revealed, and it should be applauded for that. But Microsoft should be embarrassed that its own servers were caught – that should never have happened. But the real culprits – the people controlling the data pipes – need to step forward and take responsibility for their actions – or, more likely, their inactions. Credit where credit is due, after all. And vice versa.