This all started six months ago, when Microsoft released a patch for their popular SQL database server. This patch fixed a bug which could have been exploited to allow an attacker to take over the server. Now, most patches from Microsoft just need to be downloaded and installed. This patch, however, required editing certain system configuration files and other tedious work.

Our server is colocated at an ISP in the Twin Cities area. Supposedly, there is a person at that ISP who is supposed to be applying patches regularily to keep our server secure. Apparently, this patch was too hard for him. None of us were aware, however, that the patch had not been applied.

Last week, an internet worm known as "Slammer" hit the web, exploiting this vulnerability in MS SQL server. Upon breaking into a server, it would immediately use that server to launch more attacks on other servers, using up all of that server's bandwidth. Within hours, almost every machine on the internet had been hit. Including us.

So, first our bandwidth maxed out with the worm trying to reproduce. Then, our server was unplugged by the ISP to stop the problem. A few days later, we managed to get it back up, but without MS SQL installed. Unfortunately, I was unable to put any sort of notice on this page about the problem, as the web page seemed to be constantly in use (i.e. people were viewing it), so I was not able to replace the file.

Finally, we got the database installed again... and now we're back.

So, that's the story. Hopefully it won't happen again.