SQL Slammer Worm
On Friday, January 24th, 2003, Cyberverse started seeing a new worm probing around from random hosts on the 'net:Time(PST) SrcIPaddress Port DstIPaddress Port Type Bytes 21:29:26.498 216.64.209.1 4352 209.151.248.221 1434 UDP 404 21:29:28.034 216.97.70.130 3119 209.151.240.203 1434 UDP 404 21:29:28.594 216.98.135.87 3334 209.151.238.74 1434 UDP 404 21:29:29.502 216.26.191.147 1806 209.151.250.126 1434 UDP 404 21:29:31.022 216.131.94.31 1099 209.151.238.15 1434 UDP 404 21:29:31.474 216.26.191.147 1806 209.151.251.85 1434 UDP 404
It ramped up very quickly.

Discovering most vulnerable hosts across the 'net in something like 200 seconds.

Within 2 hours, we already have evidence of attacking hosts or networks getting shut down faster than new ones we being found.
