From: "Nolly Unvala" 

Got a flood of these between midnight and 3am (EST) this morning.  Seems to
have stopped now.

"Joe Barr"  wrote in message
news:3e328c67$1{at}w3.nls.net...
>
> From /. this morning
> MS SQL Server Worm Wreaking Havoc
> MicrosoftPosted by pudge on Saturday January 25, {at}07:43AM from the
> no-man-will-know-the-day-or-the-hour dept. defile writes "Since about
> midnight EST almost every host on the internet has been receiving a 376
> byte UDP payload on port ms-sql-m (1434) from a random infected server.
> Reports of some hosts receiving 10 per minute or more. internetpulse.net
> is reporting UUNet and Internap are being hit very hard. This is the cause
> of major connectivity problems being experienced worldwide. It is believed
> this worm leverages a vulnerability published in June 2002. Several core
> routers have taken to blocking port 1434 outright. If you run Microsoft
> SQL Server, make sure the public internet can't access it. If you manage a
> gateway, consider dropping UDP packets sent to port 1434." bani
adds "This
> has effectively disabled 5 of the 13 root nameservers."
>
> --
>

--- BBBS/NT v4.01 Flag-4