Press "Enter" to skip to content

Month: January 2003

Techy: MS-SQL Slammer

[MS-SQL Slammer Worm]As you may have already heard, over the weekend the Internet was hit by one of the fastest spreading worms since the original Morris worm. The name of this nasty piece of code? “MS-SQL Slammer”- so called because it uses a 6-month old exploit in unpatched Microsoft SQL servers as its method of spreading- but spreads so quickly that it caused major problems across the ‘net.

Actually, to call it a nasty piece of work is doing a disservice to the author (who is, at this moment of time, still unknown). It’s a lovely piece of optimised assembly code which does “it’s job” in just 376 bytes in length (to put that in perspective – that is exactly the length, in letters, spaces and punctuation, of the first paragraph of this entry).

When the code infects an unpatched Microsoft SQL Server 2000 or Microsoft Desktop Engine (MSDE – which is included in Visual Studio.net, Asp.net Web Matrix Tool, Office XP Developer Edition, MSDN Universal and Enterprise, Microsoft Access and Microsoft Applicaiton 2000), it first loads the “modules” Kernel32.dll and WS2_32.dll. It then calls the routine “GetTickCount” to generate random IP (internet protocol) address which it then targets for propagation and exploitation over the UDP (User Datagram Protocol) protocol port 1434. It repeats the exploit code (using a method called a stack buffer overflow) until either the SQL server is shut down or the machine is rebooted.

Joke: Nott Shott?

[Knot]Ned Nott was shot and Sam shott was not.
So it is better to be Shott than Nott.
Some say Nott was not shot.
But Shott says he shot Nott.
Either the shot Shott shot at Nott was not shot, or Nott was shot.
If the shot Shott shot shot Nott, Nott was shot.
But if the shot Shott shot shot Shott, then Shott was shot, not Nott.
However, the shot Shott shot shot not Shott, but Not.

Guess That Movie: XV: Die Another Day

[Guess That Movie Round 15]I don’t know how the h-ll Ph33r_m3 managed to recognise the previous image that was taken from Dr. Strangelove or: How I Learned to Stop Worrying and Love the Bomb [Order from Amazon.co.uk] , but he did. The image showed the late Peter Sellers on the left playing President Merkin Muffley (he also played Captain Lionel Mandrake and Dr. Strangelove) – I’m still not sure who the person on the right was though. Oh well. Yes, the movie was originally in black and white (I added the color/colour by hand) and one of clues I gave out was referring to Dr.Strangelove suffering from “alien hand syndrome” (which is an affliction that can be caused by a stroke or other brain injury) – it’s been nicknamed “Dr.Strangelove syndrome”.

That strange win (I actually specifically picked that picture to try and reduce the chance of Ph33r_m3 guessing the movie – but I still failed) moved Ph33r_m3 into second place in the charts with 330 points – LD is still in the lead with 380. But it could all change with this new image. Once again, since people are extremely close to the magical “prize claiming” 500 point mark – I’ve slightly altered it. Nothing too drastic (as that wouldn’t be allowed under the rule’s I’ve devised for myself) but hopefully the small change should just throw some people off the scent (or maybe not – I can still recognise it, but then again I already know which movie it is!).

Go on punk – make my day!

A: James Bond: Die Another Day [Order from Amazon.co.uk] . Correctly guessed by Ph33r_m3

Games: PacMan

[PacMan]Looking to relive those old 8-bit days of Pac-Man (or, if you grew up on BBC computers like me, Snapper)? Then have I got the game for you!

It’s a 3d looking version of PacMan (very reminiscent of PacMania I first saw on a friends Amiga). You use the cursor keys (the bunch of four arrows on the right of most keyboards) to control the little yellow munchy creature (who, by some strange coincidence, is also called PacMan). If you’ve never come across this classic before (where have you been?) the aim of the game is to just “eat” all the dots and avoid the ghosts. If you eat one of the big yellow “power pills” in each corner then the ghosts turn “edible” for a short time and you can eat them to get extra points – keep an eye out for the bonus fruit as well.

The game is totally Java based and so should work on any platform (happy now Ciaran? 🙂 ) and is work-safe as there is no sound. Yep – it isn’t quite perfect (I miss the munch-munch-munch sound), but at least you can have a go at beating my out-of-practise pathetic 43,320 score.