Home > Ask the Security Experts > Questions & Answers > Ability of firewall/proxy to keep out Slammer worm
Ask The Security Expert: Questions & Answers
EMAIL THIS

Ability of firewall/proxy to keep out Slammer worm

Stephen Mencik EXPERT RESPONSE FROM: Stephen Mencik

Pose a Question
Other Security Categories
Meet all Security Experts
Become an Expert for this site


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


>
QUESTION POSED ON: 05 February 2003
We are inside a corporate LAN with our intranet. Our network department has firewalls/proxies between us and the Internet. Some of our internal machines had Sapphire. Does this mean that the firewall/proxy had ports 1433/1434 open to the world I can't get a straight answer from our guys. We always felt safe thinking that our firewall/proxy protected us from stuff like this.

>

Obviously I don't know the configuration of your firewall, but Sapphire, aka Slammer, uses UDP port 1434. Note that this is not TCP port 1434.

If you are using a Microsoft SQL server behind your corporate firewall that is accessible from outside the firewall, then you definitely had UDP ports 1433/1434 open, because the SQL server will not work without that.

So, to mitigate against this threat, you could have kept your systems up to date with the current patches, or you could have blocked those ports and done without an SQL server. The flaw that was exploited was reported more than six months ago, and patches have been available since then. There really was no reason for any server to be infected.

For more information on this topic, visit these other SearchSecurity.com resources:
Featured Topic: SQL Slammer update
News & Analysis: Experts warn unpatched SQL Servers still susceptible to Slammer
News & Analysis: Initial SQL worm cleanup simple; patching may not be so easy

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary



Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.
Browse our Expert Advice



Find Security Solutions for Your Business
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts