If you have noticed that many sites are down or that your internet is really, really slow - you are not going nuts. Here's what's going on:
There is a massive Distributed Denial of Service attack going on worldwide on the internet. It is similar to the Code Red worm of a couple years ago. One site reports that 5 of the 13 major hubs (yes there are only 13 worldwide hubs that handle all of the internet traffic) have been hit with partial or total outages reported.
This is what our Internet Service Provider emailed us:
Dear Valued Customer,
Large portions of the Internet are suffering from a massive denial-of-service type attack. It appears to be a worm, attacking and infecting Microsoft SQL server.
While the worm directly attacks Microsoft SQL server, the level of traffic being generated by the worm is so huge that large-scale portions of the Internet are basically unusable.
We are monitoring the situation, but until Internet backbones and ISP's everywhere have also all blocked these ports and identified infected machines, serious performance degredation will continue.
We do not believe that any network elements under our control are having performance problems, but are monitoring this on an ongoing basis to ensure our own connections to the Internet remain uncongested.
At this time, we have blocked ports 1433 and 1434 both from entering and from leaving our network. If you require outside access to these ports to your SQL server, you will need to contact support for assistance.
If you are operating Microsoft SQL which is publicly accessible from the Internet, you should immediately ensure that you have installed all the latest security patches, and reboot your server. If your SQL server is infected by this worm, and is thus attacking other Internet hosts, our information indicates that a reboot *MAY* clear it up. But be sure you install the latest patches, and if in doubt, take the server offline.
More information as it becomes available.
Here is a CNN article on the outage.
Note: This is NOT a virus that will affect your personal computer. This is an attack on the internet, the entire internet, that will only affect servers.
There is a massive Distributed Denial of Service attack going on worldwide on the internet. It is similar to the Code Red worm of a couple years ago. One site reports that 5 of the 13 major hubs (yes there are only 13 worldwide hubs that handle all of the internet traffic) have been hit with partial or total outages reported.
This is what our Internet Service Provider emailed us:
Dear Valued Customer,
Large portions of the Internet are suffering from a massive denial-of-service type attack. It appears to be a worm, attacking and infecting Microsoft SQL server.
While the worm directly attacks Microsoft SQL server, the level of traffic being generated by the worm is so huge that large-scale portions of the Internet are basically unusable.
We are monitoring the situation, but until Internet backbones and ISP's everywhere have also all blocked these ports and identified infected machines, serious performance degredation will continue.
We do not believe that any network elements under our control are having performance problems, but are monitoring this on an ongoing basis to ensure our own connections to the Internet remain uncongested.
At this time, we have blocked ports 1433 and 1434 both from entering and from leaving our network. If you require outside access to these ports to your SQL server, you will need to contact support for assistance.
If you are operating Microsoft SQL which is publicly accessible from the Internet, you should immediately ensure that you have installed all the latest security patches, and reboot your server. If your SQL server is infected by this worm, and is thus attacking other Internet hosts, our information indicates that a reboot *MAY* clear it up. But be sure you install the latest patches, and if in doubt, take the server offline.
More information as it becomes available.
Here is a CNN article on the outage.
Note: This is NOT a virus that will affect your personal computer. This is an attack on the internet, the entire internet, that will only affect servers.