| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: rms at computerbytesman.com (Richard M. Smith) Subject: How the BofA ATM network got whacked by the SQL Slammer Worm 'Slammer' attacks may become way of life for Net http://news.com.com/2009-1001-983540.html?tag=fd_lede2_hed .... That's exactly what happened to Bank of America, whose automated teller machines suddenly stopped dispensing cash early Saturday. The reason: The sheer volume of data produced by servers infected with Slammer smothered databases in Bank of America's internal network. "When a person uses an ATM, (the ATM) communicates with databases on our internal networks," said Lisa Gagnon, a spokeswoman for the bank. "That communication couldn't happen because our network was so congested." Indeed, a single infected server churning out copies of the worm could theoretically congest the bandwidth of a 100Mbps Ethernet, according to analyses of the program. By late Saturday, most of the company's ATMs were back in service. The company located the entry point but, for security reasons, would give no details of how the worm got in. "Either the patch failed or we missed some servers when we applied the patch," Gagnon said. "Going forward we will analyze what we can do to make sure this doesn't happen again."
Powered by blists - more mailing lists