From another list I'm on:

More than 8,000 MySQL servers have been infected with malware that
could allow them to be used to launch a massive denial-of-service attack.
The worm, known as MySpool, MySpooler or Forbot, uses brute force password
attacks to seek out weak root passwords. MySQL has warned its customers to
tighten up their security and is looking into hardening the database against
future attacks -- these would include automatic updates and changes in the
default installation. According to the Internet Storm Center, it is
actually exploiting weak root passwords
(http://isc.sans.org/diary.php?date=2005-01-27). The fundamentals of good
security practice still hold: strong passwords, lock down your server and
do not expose it unnecessarily.

This might affect you if you are using Drupal, phpBB, or some mailing list servers that use MySQL as a back end. If you are behind a firewall which blocks port 3306, you should be ok. But it doesn't hurt to read the full announcement on SANS.


Regards,
- Robert
http://www.cwelug.org/downloads
Help others get OpenSource.  Distribute FLOSS for
Windows, Linux, *BSD, and MacOS X with BitTorrent
