YOU’RE NOT VIEWING PANDA SECURITY USA. CLICK TO IMPROVE YOUR EXPERIENCE
VISIT PANDA SECURITY USA

Hello!

You’re about to visit our web page in English
Would you like to continue?

Yes, I want to visit the web page in English No, I want to visit the web page in

If this is not what you’re looking for,

Visit our Welcome Page!

x
48-HOUR OFFER
50%
RENEWALS
Home users only
RENEW AT A DISCOUNT
x
SPECIAL OFFER
If you're already a customer of
our homeusers protection,
renew now with 50% off
RENEW NOW
x
HALLOWEEN OFFER
take advantage of our
terrific discounts
BUY NOW AND GET 50% OFF
x
SPECIAL OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET 50% OFF
x
SPECIAL OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET 50% OFF
x
UP TO
-60%
BUY NOW
x
UP TO
-60%
BUY NOW
Active Scan. Scan your PC free

Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.

Slammer

Threat LevelHigh threatDamageSevereDistributionNot widespread

Effects 

Slammer has the following effects:

  • It increases the network traffic through UDP port 1434 (SQL Server Resolution Service Port).
  • It slows down or even blocks the server.
  • It slows down Internet communications.
  • It can cause the e-mail service to fail.
  • It can block the network.

Infection strategy 

Slammer follows the infection routine below:

  • When it reaches the computer it goes memory resident.
  • It loads three Winsock (network management standard) API functions:
    Socket and Sendto (WSW_32.DLL), in order to send itself out.
    GetTickCount (KERNELL32.DLL), to generate random IP addresses in order to try and infect other machines.
  • It sends multiple packets containing the worm's code through port 1434.
  • The worm constantly sends multiple packets, which results in a DoS (denial of service) attack on the port.

Slammer does not create or modify files or entries in the Windows Registry.

Means of transmission 

Slammer is sent to the affected server from another SQL server. Once it gets into the machine, Slammer looks for other machines that act as SQL servers in order to infect them. It does this by exploiting a buffer overrun vulnerability, which exists in servers that do not have Service Pack 3 installed.

ARE YOU FACING ANY PC OR INTERNET RELATED PROBLEMS?
FREE SUPPORT INCLUDED. CALL US 24/7

powered by Anytech365