How Slammer took the Internet in 15 minutes
Remember Slammer, the worm that crashed the Internet in 15 minutes a few months ago? Wired has a great article about what happened, from Akamai's engineers point of view:
Fifty-five million meaningless database server requests were traversing the globe - and one of Akamai's Hong Kong locations was caught in the crossfire.
Slammer's attack was ruthless and quick, spreading hundreds of times faster than the Code Red virus or Nimda worm. Yet it started with a single killer packet. The tiny worm hit its first victim at 12:30 am Eastern standard time. The machine - a server running Microsoft SQL - instantly started spewing millions of Slammer clones, targeting computers at random. By 12:33 am, the number of slave servers in Slammer's replicant army was doubling every 8.5 seconds.
The second half of the article shows how amazingly simple Slammer is (376 bytes) and how it works.