No doubt, in a perfect world. Unfortunately anyone can and does install anything they want these days with little knowledge of the product or how to handle it safely.
-----Original Message----- From: Roger Seielstad [mailto:[EMAIL PROTECTED]] Sent: Monday, January 27, 2003 5:38 AM To: NT 2000 Discussions Subject: RE: SQL worm? The better way is to manage access correctly - invalid ports are less tenable solutions than using access control in most cases. ------------------------------------------------------ Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis - Formerly Harbinger and Extricity Atlanta, GA > -----Original Message----- > From: Martin Blackstone [mailto:[EMAIL PROTECTED]] > Sent: Monday, January 27, 2003 8:04 AM > To: NT 2000 Discussions > Subject: RE: SQL worm? > > > You could also use an alternative port. > > -----Original Message----- > From: Roger Seielstad [mailto:[EMAIL PROTECTED]] > Sent: Monday, January 27, 2003 4:51 AM > To: NT 2000 Discussions > Subject: RE: SQL worm? > > > Then those hosting companies deserve to get hit. > > There's no valid reason to have SQL servers completely > exposed. At the very > least they can be IP limited to the necessary addresses of the users. > > ------------------------------------------------------ > Roger D. Seielstad - MCSE > Sr. Systems Administrator > Inovis - Formerly Harbinger and Extricity > Atlanta, GA > > > > -----Original Message----- > > From: Martin Blackstone [mailto:[EMAIL PROTECTED]] > > Sent: Saturday, January 25, 2003 11:47 AM > > To: NT 2000 Discussions > > Subject: RE: SQL worm? > > > > > > In theory that is correct. > > However, there are places such as web hosting companies that offer > > SQL to their customers. There are also companies too cheap to pay > > for a VPN and > > might have an offsite data center. > > While closing those IP's completely is the best solution, > > another idea may > > be to not use those standard ports if you HAVE to access your > > SQL server > > remotely. Use some non standard ones perhaps. > > > > -----Original Message----- > > From: Len Conrad [mailto:[EMAIL PROTECTED]] > > Sent: Saturday, January 25, 2003 8:45 AM > > To: NT 2000 Discussions > > Subject: RE: SQL worm? > > > > > > > > >Close these ports: > > >ms-sql-s 1433/tcp #Microsoft-SQL-Server > > >ms-sql-s 1433/udp #Microsoft-SQL-Server > > >ms-sql-m 1434/tcp #Microsoft-SQL-Monitor > > >ms-sql-m 1434/udp #Microsoft-SQL-Monitor > > > > no, block access from internet to SQL ip (effectively blocking ALL > > ports). > > > > What business does anybody on internet have in accessing your SQL > > server? > > > > Len > > > > > > ------ > > You are subscribed as [EMAIL PROTECTED] > > Archives: http://www.swynk.com/sitesearch/search.asp > > To unsubscribe send a blank email to %%email.unsub%% > > > > ------ > > You are subscribed as [EMAIL PROTECTED] > > Archives: http://www.swynk.com/sitesearch/search.asp > > To unsubscribe send a blank email to %%email.unsub%% > > > > ------ > You are subscribed as [EMAIL PROTECTED] > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe send a blank email to %%email.unsub%% > > ------ > You are subscribed as [EMAIL PROTECTED] > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe send a blank email to %%email.unsub%% > ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to %%email.unsub%% ------ You are subscribed as [email protected] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED]
