nanog mailing list archives
Re: Level3 routing issues?
From: Dave Stewart <dbs () dbscom com>
Date: Sat, 25 Jan 2003 18:43:56 -0500
At 05:10 PM 1/25/2003, you wrote:
We have had multiple customers who had SP3 on their boxes that were hit. SP3 was _supposed_ to include this patch, there is no verification so far that it did. Since all the providers have been blocking the attack spread from the routers, installing SP3 on boxes post-attack hasn't really been put to the test yet. YMMV
Not extensive testing, no... but again... SQL Server 2000 SP3 is not the same animal as Windows 2000 SP3.And after installing SQL Server 2000 SP3, I opened up the router to allow all the 1434 traffic that came in... the box was hit on numerous occasions over the next hour or so, and never did it get infected again.
SQL Server 2000 SP3 was just released on 1/17/2003... while the patch for this vulnerability has been out since last July (and yes, I'm guilty of not following it closely enough myself... no excuses)
Current thread:
- Re: Level3 routing issues?, (continued)
- Re: Level3 routing issues? C. Jon Larsen (Jan 25)
- Re: Level3 routing issues? Avleen Vig (Jan 25)
- Re: Level3 routing issues? Grant A. Kirkwood (Jan 25)
- Re: Level3 routing issues? Stephen J. Wilcox (Jan 25)
- Re: Level3 routing issues? Christopher L. Morrow (Jan 25)
- Re: Level3 routing issues? Scott Call (Jan 25)
- Re: Level3 routing issues? Neil J. McRae (Jan 25)
- Re: Level3 routing issues? Stephen Milton (Jan 25)
- Re: Level3 routing issues? Avleen Vig (Jan 25)
- Re: Level3 routing issues? Alex Rubenstein (Jan 25)
- Re: Level3 routing issues? Dave Stewart (Jan 25)
- Re: Level3 routing issues? Stephen Milton (Jan 26)
- Re: Level3 routing issues? Christopher L. Morrow (Jan 27)
- Re: Level3 routing issues? Jack Bates (Jan 25)
- Re: Level3 routing issues? Josh Richards (Jan 25)
- Re: Level3 routing issues? Kevin Day (Jan 25)
- Re: Level3 routing issues? Gary Coates (Jan 25)