At 10:39 PM 2/3/03, you wrote:
The scary thing about this all is that slammer took out interac. Why is the interac system even accessible from the internet? If slammer can effect it, then it will be hacked eventually.Aaron J. Seigo said: > > of course, anyone who puts a database server on a public network > accepting random connections hither and yon is just asking for trouble. > there's really no reason for that sort of set up.I fully agree. The real reason this worm was able to run so wild is because the average network admin doesn't know how to do their job. The sysadmin isn't as much to blame in this one as this patch was not very easy to install to begin with. However, the network admin should know better then to allow anonymous access to there SQL servers from a public network such as the internet. In 99% of the cases they shouldn't have even offered any kind of access to the SQL servers directly to anyone.
--
Mark Lane
Hard Data Ltd.
mailto:[EMAIL PROTECTED]
Telephone: 01-780-456-9771
FAX: 01-780-456-9772
11060 - 166 Avenue
Edmonton, AB, Canada
T5X 1Y3
http://www.harddata.com/
--> Ask me about our Affordable Alpha Systems! <--
BEGIN:VCARD VERSION:2.1 N:Lane;Mark FN:Mark Lane ORG:Hard Data Ltd. TITLE:Sales TEL;WORK;BUSINESS:780-456-9771 TEL;WORK;VOICE:780-456-9771 TEL;WORK;FAX:780-456-9772 ADR;WORK:;;11060 - 166 Avenue;Edmonton;AB;T5X1Y3;Canada LABEL;WORK;ENCODING=QUOTED-PRINTABLE:11060-166 Avenue=0D=0AEdmonton, AB T5X1Y3=0D=0ACanada URL;WORK:http://www.harddata.com EMAIL;PREF;INTERNET:[EMAIL PROTECTED] REV:20010222T231737Z END:VCARD
