http://reuters.com/newsArticle.jhtml?type=internetNews&storyID=2886808 By Reed Stevenson June 5, 2003 SEATTLE (Reuters) - Wired magazine is planning to publish the underlying code for the Slammer worm that slowed Internet traffic to a crawl in January, raising questions over whether such articles inspire future hackers or educate potential victims. The article, which will be published in Wired's July issue due out on Tuesday, details how the Slammer worm, also known as "SQL Slammer," spread rapidly through the Internet on Jan. 25, shutting down Internet service providers in South Korea, disrupting plane schedules and knocking out automatic teller machines. The article includes the underlying software code for Slammer. "The thing to note here is that the people who are in a position to wreak havoc on the Internet don't have to read about it on Wired," said Blaise Zerega, managing editor of Wired, which covers a range of subjects centered around technology. "But the people who are in a position to prevent it from happening do read Wired. Our thinking was to shine a light on the problems and issue a wake-up call," Zerega said. Slammer caught many tech-savvy companies by surprise including Microsoft Corp. MSFT.O , which had already installed a critical software patch for SQL software for networked computer servers that would have averted most of the damage. Redmond, Washington-based Microsoft, which even saw some of its own servers running SQL software infected by the Slammer worm, also came under fire although it had issued a patch for the security hole months before Slammer had hit. Vincent Weafer, senior director of security response at computer security company Symantec Corp. SYMC.O , said that while detailed articles could be important in raising computer security awareness, they also needed to be handled with care. "It's something you need to be cautious of, particularly in a broad-based magazine," Weafer said. "You need to be aware of your audience and what you're saying to them," Weafer said. In the article, entitled "Slammed! An inside view of the worm that crashed the Internet in 15 minutes," writer Paul Boutin details how Slammer's computer code infiltrates a software programs and replicates itself. Slammer caused damage by duplicating itself rapidly and spreading to other vulnerable computers, clogging Internet traffic. The article does not provide details on how to plant the worm, or how to erase any trace of doing so, which would be the most important step for a malicious hacker who wanted to avoid being caught, experts noted. "I think the approach to safeguarding the Internet should not be break and fix," said Wired's Zerega, "It should be proactive and that's what we're doing here." - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Fri Jun 06 2003 - 01:06:30 PDT