On Thursday 23 October 2003 07:52, Dirk Ouellette wrote:
> Date:10/23 01:14:35 Name:MS-SQL Worm propagation attempt
> Priority:2 Type:Misc Attack IP info: 202.108.249.21:1032 ->
> 12.224.114.207:1434 References:none foundSID: 2003
>
> Should I assume the above is pretty common? I looked at my
> firewall's intrusion detector logs and saw this and many more
> from China. Dirk
"Common" ain't the word for it. Is this the first time you've
looked at your firewall logs?
Hint: you should look through your firewall logs every day. Not
doing so is the same as putting up a fence around your spread and
then never checking it, under the blithe assumption that your
neighbor's critters (or yours) will never find a way through it.
This is the SQL Slammer worm. I still get over a dozen of them
every day. So there are still lots of infected 'doze boxes out
there, even though Windows is more secure than Linux.
Hey, don't laugh! Steve Ballmer himself said so just yesterday.
He's such a nice man and he's the CEO of Microsoft Corporation,
so I'm sure that Mr. Ballmer must know what he's talking about,
right?
And stop laughing! Why are you laughing?
Ken
--
"It was like a visit by Don Corleone. I expected to find a
bloody computer monitor in my bed the next day."
--Marc Andreessen, Netscape's chief technology officer,
on a May 1995 meeting with Microsoft
_______________________________________________
EuG-LUG mailing list
[EMAIL PROTECTED]
http://mailman.efn.org/cgi-bin/listinfo/eug-lug
