At 09:55 AM 2/4/03, you wrote:
Mark Lane said:
> At 10:39 PM 2/3/03, you wrote:
>>Aaron J. Seigo said:
>> >
>> > of course, anyone who puts a database server on a public network
>> > accepting random connections hither and yon is just asking for
>> > trouble. there's really no reason for that sort of set up.
>>
>>I fully agree.  The real reason this worm was able to run so wild is
>> because the average network admin doesn't know how to do their job.
>> The sysadmin isn't as much to blame in this one as this patch was not
>> very easy to install to begin with.  However, the network admin should
>> know better than to allow anonymous access to their SQL servers from a
>> public network such as the internet.  In 99% of the cases they
>> shouldn't have even offered any kind of access to the SQL servers
>> directly to anyone.
>
> The scary thing about this all is that slammer took out interac. Why is
> the interac system even accessible from the internet? If slammer can
> affect it, then it will be hacked eventually.
>
Interac isn't connected to the internet, however the banks are.  Slammer
took down the banks' internal networks which in turn disrupted interac
machines since they need to communicate with the bank networks.  The world
was lucky this time, next time it may take down airports and such.  If air
traffic control is taken down or any other such service like it, then we
may start to see death tolls after every worm hits.

Ah but...

If the banks are accessible to both the Internet and Interac then the banks can be used to access Interac from the Internet... Thus a connection from the Internet to Interac exists even if it isn't a direct connection.

For example:

When I buy something on Interac, it updates my account balance in real-time. When I do online banking, it updates my account balance in real-time. So both systems have access to my account balance at the bank in real-time. Therefore, there must be a connection to the database server from both the Internet and Interac networks. If the database server is compromised from the Internet, it can be used as a gateway to access the Interac network.

--
Mark Lane
Hard Data Ltd.
mailto:[EMAIL PROTECTED]

Telephone: 01-780-456-9771
FAX: 01-780-456-9772

11060 - 166 Avenue
Edmonton, AB, Canada
T5X 1Y3

http://www.harddata.com/
--> Ask me about our Affordable Alpha Systems! <--



