kids encyclopedia robot

SQL Slammer facts for kids

Kids Encyclopedia Facts

SQL Slammer was a computer worm that appeared in 2003. It caused big problems for the Internet by slowing down traffic and making many routers crash around the world. This worm spread super fast, infecting about 75,000 computers in just 10 minutes!

The SQL Slammer worm took advantage of a special mistake, called a buffer overflow bug, in Microsoft's SQL Server and Desktop Engine database programs. Microsoft had released a fix, called a "patch," for this bug six months earlier. But many places hadn't installed the fix yet, which allowed the worm to spread. The areas most affected by the worm were Europe, North America, and Asia, including countries like India.

How the SQL Slammer Worm Worked

The SQL Slammer worm was based on an idea shown by a security expert named David Litchfield. He was the one who first found the bug that the worm used. This worm was a very small piece of code. All it did was create random IP addresses and send copies of itself to those addresses.

If a computer at one of those addresses was running an older, unfixed version of Microsoft SQL Server, it would get infected right away. Once infected, that computer would start sending out even more copies of the worm across the Internet.

Why Home Computers Were Safe

Most home PCs were usually safe from this worm. They would only get infected if they had a special program called MSDE installed. The worm was so tiny that it didn't even save itself onto the computer's hard drive. It only stayed in the computer's memory. This made it easy to remove, often just by restarting the SQL Server program. However, the computer might get infected again quickly if the bug wasn't fixed.

How the Worm Slowed Down the Internet

The SQL Slammer worm started causing big problems on January 25, 2003. It slowed down computer systems all over the world. This slowdown happened because many routers couldn't handle the huge amount of traffic from infected servers.

Normally, if there's too much traffic, routers are supposed to slow it down or pause it. But with SQL Slammer, some routers crashed completely. When a router crashed, other nearby routers would notice it was gone. They would then send messages to other routers to update their "routing tables," which are like maps of the Internet.

This flood of update messages made even more routers crash. Soon, a large part of the Internet's capacity was used up by routers talking to each other. This meant that regular Internet traffic, like websites and emails, slowed down a lot or even stopped. Because the SQL Slammer worm was so small, it could sometimes get through even when normal traffic couldn't.

Why It Spread So Fast

Two main things helped SQL Slammer spread incredibly quickly. First, the worm infected new computers using a fast method called UDP. This method doesn't need to set up a long connection, so it's very quick.

Second, the entire worm was only 376 bytes big. That's tiny! It could fit into a single data packet. This meant that each infected computer could just "fire and forget" packets as fast as possible, sending out many copies of the worm without waiting for replies.

See also

Kids robot.svg In Spanish: SQL Slammer para niños

kids search engine
All content from Kiddle encyclopedia articles (including the article images and facts) can be freely used under Attribution-ShareAlike license, unless stated otherwise. Cite this article:
SQL Slammer Facts for Kids. Kiddle Encyclopedia.