nanog mailing list archives

Re: What could have been done differently?


From: "David Howe" <DaveHowe () gmx co uk>
Date: Thu, 30 Jan 2003 13:17:40 -0000


at Thursday, January 30, 2003 12:01 AM, bdragon () gweep net
<bdragon () gweep net> was seen to say:
> > But this worm required external access to an internal server (SQL
> > Servers are not front-end ones); even with a bad or no patch
> > management system, this simply wouldn't happen on a properly
> > configured network. Whoever got slammered, has more problems than
> > just this worm. Even with no firewall or screening router, use of
> > RFC1918 private IP address on the SQL Server would have prevented
> > this worm attack
>
> RFC1918 addresses would not have prevented this worm attack.
> RFC1918 != security

Indeed. More accurately though "don't have an SQL server port exposed to
the general internet you bloody fools" might be closer to the correct
advice to customers :)
I have been trying *hard* but can't think of a single decent reason a
random visitor to a site needs SQL Server access from the outside.

