Aaron J. Seigo said: > > of course, anyone who puts a database server on a public network > accepting random connections hither and yon is just asking for trouble. > there's really no reason for that sort of set up.
I fully agree. The real reason this worm was able to run so wild is because the average network admin doesn't know how to do their job. The sysadmin isn't as much to blame in this one as this patch was not very easy to install to begin with. However, the network admin should know better then to allow anonymous access to there SQL servers from a public network such as the internet. In 99% of the cases they shouldn't have even offered any kind of access to the SQL servers directly to anyone. > > - -- > Aaron J. Seigo > GPG Fingerprint: 8B8B 2209 0C6F 7C47 B1EA EE75 D6B7 2EB1 A7F1 DB43 > > "Everything should be made as simple as possible, but not simpler" > - Albert Einstein > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.0.7 (GNU/Linux) > > iD8DBQE+P03i1rcusafx20MRApMxAJ9x1UZZt9Xfyq9oeOAzv16Emp0E6wCfSNUE > DiKeh9OJ873iaNDzQyovSxE= > =Wcyi > -----END PGP SIGNATURE-----
