We noticed you're blocking ads.

Keep supporting great journalism by turning off your ad blocker.

Questions about why you are seeing this? Contact us

Font Size

- Aa +

Wed 22 May 2002 04:00 AM

Font Size

- Aa +

ISS warns of Spida threat

Internet Security Systems (ISS) has issued a warning for the Spida worm, which is spreading through Microsoft SQL servers and creating large amounts of Internet traffic and TCP/IP probes.

Internet Security Systems (ISS) has issued a warning for the Spida worm, which is spreading through Microsoft SQL servers and creating large amounts of Internet traffic and TCP/IP probes.According to the security vendor, Spida locates and logs into the SQL servers using the ‘sa’ account and a blank password, once inside the worm sends its configuration and password to an external host.The threat of Spida comes not in the worm itself, but in the scanner that is incorporated with the worm, says ISS. “Although the Spida worm is not destructive to the infected host, it may generate a damaging level of network traffic when it scans for additional hosts,” ISS reveals in a statement. “The scanner bundled with the worm is multi-threaded and capable of scanning with 100 threads. A large amount of network traffic is created by the worm, which scans both internal and external IP addresses for vulnerable servers,” the report continues.Spida’s main aim is to export the server’s SAM password database and gather information about its network database and configuration. The worm installs its files into Windowssystem32 directory or Windowssystem32drivers directory, according to ISS.The security vendor recommends that SQL users visit Microsoft’s site: www.microsoft .com/sql/techinfo/administration/200/security.asp.

Arabian Business: why we're going behind a paywall

For all the latest business news from the UAE and Gulf countries, follow us on Twitter and Linkedin, like us on Facebook and subscribe to our YouTube page, which is updated daily.

Read next