From a posting by Nicholas Weaver on Bugtraq, about last weekend's Microsoft SQL Server worm (you know, the one that brought large parts of the internet to a screaming halt):
In the early stages the worm was doubling in size every 8.5 seconds. At its peak, achieved approximately 3 minutes after it was released, Sapphire scanned the net at over 55 million IP addresses per second.
The same analysis says that just about every vulnerable machine on the entire Internet was infected ten minutes after the worm's release.
It is interesting to contemplate what could have happened if the worm had actually carried a payload. As it was, the only thing it did was spread, and that was quite bad enough. If it had also damaged its hosts, we could've seen a situation where nearly every Internet-connected MSSQL server had its contents erased. It would've been interesting (in a very Chinese sense) to see what that would've done to the global economy.