An attack caused by a malicious computer code disconnected millions of Internet users around the world this weekend and overwhelmed Penn State's network.

The fast-moving infection, which began at about midnight Saturday, came in the form of a worm virus which targeted servers running Microsoft SQL Server 2000, a popular database package.

Affected machines searched for and then sent out large amount of junk data to other computers running SQL Server, causing major disruptions across the entire Internet. This is known as a denial of service (DOS) attack.

In particular, the virus was designed to communicate on UDP port 1434, which is used by SQL Server for sending messages between computers.

Nearly 39,000 machines were infected, and five of the 13 domain-name servers on the Internet were disabled, The Associated Press reported.

Staff of Penn State Residential Computing, or ResCom, said although the virus causes no permanent damage to machines, it was able to stop students from browsing the Web, talking on instant messaging programs and sending e-mail.

Repair efforts began at 3 a.m., when Information Technology Services staff began to filter traffic through port 1434.

ResCom desks across the campus received calls from students who had not realized that the problem was university-wide.

By 11:30 a.m. yesterday, the core backbone was restored, and by 1:30 p.m., Internet connectivity had been re-established.

University spokeswoman Annemarie Mountz said technicians cleaning up the infection were forced to shut down entire offices, even if only one computer carried the virus.

There are nearly 100,000 computers on the Penn State backbone and only a few dozen were infected. There may be more problems found this morning as computers are turned back on, Mountz said.

ANGEL, eLion and other course management Web sites were also down, but because the attack came on a Saturday morning, students had time to wait for Internet connections to be restored before assignments were due.

"I couldn't do any of my WebAssign homework, and I would have lost a ton of points if it happened closer to the deadline," said Patrick Murphy (freshman-architectural engineering.)

There is nothing most Penn State students can do to recover from attacks such as Saturday's. Since the virus targets servers, not desktop machines, software such as Norton AntiVirus is ineffective. An SQL server run by a student from a dorm or apartment was also at risk.

Kathy Kimball, director of computer network security, said the vulnerability in the database software was well-known before Saturday's attack, and a fix has been available since July.

Saturday's virus, known as SQL Slammer, was not the first to spread through Penn State. Last academic year, the Myparty and SirCam viruses raced through student e-mail boxes. Students who received a blank e-mail may have received and unknowingly forwarded the Klez virus to everyone in their address book.

"There are people who could have done a better job administering their systems. People need to pay attention and patch their machines," Kimball said.

Although Kimball's team scans on-campus machines for vulnerabilities, rules requiring systems administrators to install patches are difficult to enforce.

Kimball said there is only one sure-fire way to prevent similar computer attacks in the future.

"Pay attention to vulnerability announcements. Putting it off puts everybody at risk," she said.

For more information about SQL Slammer, or to download a patch, visit www.microsoft.com/security/slammer.asp.