That and some places don't even have network admins or can't afford to train them.
There's too much IT and not enough process these days, IMHO. If you gave every little company publishing their parts list with SQL Server 2000 a thorough IT process management document and they stuck to it, a network admin wouldn't even need to be that highly skilled or knowledgeable to do the due diligence and end up with the desired result - an uncompromised Microsoft product (can you say "contradiction in terms"?) ;-) lol Hey, that gives me a good business idea... ;-) -----Original Message----- From: Trevor Lauder [mailto:[EMAIL PROTECTED]] Sent: Monday, February 03, 2003 10:39 PM To: [EMAIL PROTECTED] Subject: Re: (clug-talk) vintage os rocks big time :-) Aaron J. Seigo said: > > of course, anyone who puts a database server on a public network > accepting random connections hither and yon is just asking for trouble. > there's really no reason for that sort of set up. I fully agree. The real reason this worm was able to run so wild is because the average network admin doesn't know how to do their job. The sysadmin isn't as much to blame in this one as this patch was not very easy to install to begin with. However, the network admin should know better then to allow anonymous access to there SQL servers from a public network such as the internet. In 99% of the cases they shouldn't have even offered any kind of access to the SQL servers directly to anyone. > > - -- > Aaron J. Seigo > GPG Fingerprint: 8B8B 2209 0C6F 7C47 B1EA EE75 D6B7 2EB1 A7F1 DB43 > > "Everything should be made as simple as possible, but not simpler" > - Albert Einstein > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.0.7 (GNU/Linux) > > iD8DBQE+P03i1rcusafx20MRApMxAJ9x1UZZt9Xfyq9oeOAzv16Emp0E6wCfSNUE > DiKeh9OJ873iaNDzQyovSxE= > =Wcyi > -----END PGP SIGNATURE-----
