RE: firewall design (was: RE: terminal services )

[m p <sumirati () yahoo de>]

 --- "R. DuFresne" <dufresne () sysinfo com> schrieb: 
> On Tue, 28 Jan 2003, Noonan, Wesley wrote:
>
>       [SNIP]
>
> > I actually disagree here. The issue with slammer/sapphire is precisely that
> > people didn't patch their machines. Let's review some of the recent
> history.
>
>
> didn't patch their machines and didn;'t heed all the information available
> the last time M$-SQL was hit.  Other discussions in various lists the past
> few days have folks claiming they had no prior warning that port 1434 was
> a point of caution deserving incomong and outgoing blocks.  

Anyone who designs a firewall should block all traffic - and build up then a
list of "good" traffic. 

Anyone not doing this should not say to much about "I didn't knew it." It shows
that he/she/it does not know enough to do his/her job right.

If they had Microsoft SQL Server running and didn't know the port it opens -
well as I said before - if they don't have a clue, they are working in the
wrong buisness.

Just my 2 euro-cent.

Marc


__________________________________________________________________

Gesendet von Yahoo! Mail - http://mail.yahoo.de
Bis zu 100 MB Speicher bei http://premiummail.yahoo.de
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards