According to Jakub Kaminski, Manager of Virus research for Computer Associates in Melbourne, the answer is not as clear-cut as many believe. He points out that although the worm might have been designed with a more aggressive payload, this could also have made it easier to spot and perhaps combat.
"Certainly, it could have been worse, and we were lucky that it wasn't. But the same could be said about any outbreak of any virus," he said.
As it happened, Slammer only resided in memory. It didn't "drop" or modify any files. This meant that if an administrator simply turned off an infected machine and restarted it, it would reboot free of infection. It would of course have been re-infected very quickly, but once again no permanent damage would have been caused.
Kaminski says that, as is the case in human virology and epidemiology, a particularly nasty Internet virus or worm with a malicious payload that destroys its host will not spread very far.
"It's exactly like biology, nasty viruses have quick outbreaks," he said.
Once the worm or virus kills its host, it cannot use that host to infect others; it is so destructive that it eliminates itself.
Matthew Proctor, Managing Director of Imagineering Technologies, which operates a data centre in Melbourne, believes the outbreak could have been much worse, but says it shouldn't have reached as far as it did in the first place.
"This is one of the cases where a network device as simple as a firewall could have prevented the attacks," he said.
Proctor says that system administrators need to 'lift their game'.
"The worm exploited a six-month-old vulnerability in Microsoft SQL Server. There is no excuse for not running a security update after six months," he said.
He also says that pointing the finger at Microsoft, which has been criticised because some of its patches were regarded as difficult to install, was an inappropriate response.
"The patches might not be ideal but people should be used to installing them - it's not brain surgery," he said.
Microsoft is often criticised by IT professionals regarding the manual installation required for some of its patches.
When ZDNet Australia spoke with Microsoft about the Slammer outbreak, it claimed to be exploring methods for making patches easier to apply, possibly by integrating support for SQL Server into its automatic update system.
"We are looking to expand the critical update service to SQL, and possibly expand it to third party products," said Terry Clancy, Product Manager for Enterprise Data Access, Microsoft Australia.
Calum Russel, Solutions Marketing Manager for Microsoft, said that although the use of Microsoft SQL Server has increased dramatically over the last few years, this increase is not reflected in the number of subscribers to the security alert service.
"We don't have nearly enough subscribers to the alert service," he said.











