Full Disclosure mailing list archives
Re: SQL Slammer - lessons learned
From: "David Howe" <DaveHowe () cmn sharp-uk co uk>
Date: Mon, 3 Feb 2003 15:31:32 -0000
at Monday, February 03, 2003 2:50 PM, John.Airey () rnib org uk <John.Airey () rnib org uk> was seen to say:
I think you misunderstood what I was getting at. By separating services from dynamic ports, the average PC doesn't need to be patched as often against worms like SQL Slammer (particularly as the MSDE code seems to be so endemic). Should there be a legitimate need to open those ports to the outside world, you can request this via your ISP as you would do with the "Well Known" ports at the moment.
Most isps seem to have no problems with the Well Known ports being open inbound (unless they are explicitly banning servers, including p2p and game servers). To have to individually control open and closed ports for dialup, cable or dsl users would be a major nightmare - not to mention a massively customerbase-reducing move.
Nearly everything we believe is second hand. For example, less than 500 people have seen the Earth from space, yet the majority of people believe it is round (OK pedants, an oblate sphere).
Proof by induction? a huge number of people have travelled far enough from home that "noon" is noticably offset from home time, and called home by telephone. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- SQL Slammer - lessons learned John . Airey (Feb 03)
- Re: SQL Slammer - lessons learned Henrik Lund Kramshøj (Feb 03)
- Re: SQL Slammer - lessons learned David Howe (Feb 03)
- <Possible follow-ups>
- Re: SQL Slammer - lessons learned David Howe (Feb 03)
- AOL refuses to help AIM users ATD (Feb 03)
- Message not available
- Re: AOL refuses to help AIM users ATD (Feb 03)
- Re: AOL refuses to help AIM users Rick Updegrove (Feb 03)
- Re: AOL refuses to help AIM users ATD (Feb 03)
- AOL refuses to help AIM users ATD (Feb 03)
- Re: AOL refuses to help AIM users Berend-Jan Wever (Feb 04)
- RE: SQL Slammer - lessons learned Paul Schmehl (Feb 05)
- Re: SQL Slammer - lessons learned Helmut Springer (Feb 05)
- Re: SQL Slammer - lessons learned David LaPorte (Feb 05)
- Re: SQL Slammer - lessons learned Niels Bakker (Feb 05)