« Yesterday's Internet Server Attack Exposes Less Obvious Infrastructure Weaknesses | Main | Red Hat Explains New End of Life Policies for Its Mainstream Linux Distributions »

OnLAMP.com Publishes Good Description of SQL Slammer Impact on Some Cisco Routers

An article by Iljitsch van Beijnum on OnLAMP.com called Network Impact of the MS SQL Worm does a great job of explaining the impact of the SQL Slammer worm on three networks with different Cisco routers.

In van Beijnum's experience, some Cisco routers lost their Border Gateway Protocol (BGP) sessions. When that occurred "the router was unable to advertise the network's IP address ranges to the rest of the world, with the result that these addresses became unreachable." This was compounded by problems with the Cisco Express Forwarding (CEF) algorithm on routers that did not have enough memory. Consequently, the author recommends that packet forwarding algorithms be studied from a worst-case perspective.

Van Beijnum also gives documents some of the steps he took to log and, later, filter the network traffic generated by the worm. So, the article gives insight into how an experienced network manager researches and solves network problems as they occur.

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)


CTDATA Venutures (CTDATA) develops Internet and Intranet applications for corporations and non profit organizations. Our services include:

  • Consulting services for Movable Type and TypePad-based publishing systems (visit our Weblog Improvement website for more information),
  • Financial services business process consulting,
  • Content management system and knowledge management system consulting,
  • Apache web server engineering and hosting,
  • MySQL, Sybase, and Microsoft SQL Server architecture and development,
  • SOAP, REST, and XML-RPC system architecture and programming, including Amazon Web Services and
  • Weblog publishing.
For more information, contact Dave Aiello by email at dave [at] daveaiello.com or call him at +1-267-352-4420.
Copyright © 1995-2010, CTDATA Ventures. All Rights Reserved.
Powered by
Movable Type 4.25