Someone might consider that part of the blame might belong to the criminal(s) who wrote and unleashed the worm?
-----Original Message----- From: Chinnery, Paul [mailto:[EMAIL PROTECTED]] Sent: Monday, January 27, 2003 8:11 AM To: NT 2000 Discussions Subject: RE: SQL worm? I have three SQL servers and none exposed. However, has anyone read Russ' "editorial" on this at NTbugtraq? He does make some valid points on why it's not all the SQL admin's fault. Paul Chinnery Network Administrator Mem Med Ctr -----Original Message----- From: Martin Blackstone [mailto:[EMAIL PROTECTED]] Sent: Monday, January 27, 2003 9:08 AM To: NT 2000 Discussions Subject: RE: SQL worm? Here is an example "I'm a programmer and need SQL on my PC to do my job". Unfortunately the rest goes like this "I don't know sh*t about security or this patching stuff, so I will just go on my happy way in ignorance" -----Original Message----- From: Andrew S. Baker [mailto:[EMAIL PROTECTED]] Sent: Monday, January 27, 2003 6:06 AM To: NT 2000 Discussions Subject: RE: SQL worm? Indeed. Why would anyone have SQL exposed like that? ASB Technology Integration Specialist http://www.ultratech-llc.com/KB Save The Internet -- Keep Your Systems Patched! -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Roger Seielstad Sent: Monday, January 27, 2003 7:51 AM To: NT 2000 Discussions Subject: RE: SQL worm? Then those hosting companies deserve to get hit. There's no valid reason to have SQL servers completely exposed. At the very least they can be IP limited to the necessary addresses of the users. ------------------------------------------------------ Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis - Formerly Harbinger and Extricity Atlanta, GA > -----Original Message----- > From: Martin Blackstone [mailto:[EMAIL PROTECTED]] > Sent: Saturday, January 25, 2003 11:47 AM > To: NT 2000 Discussions > Subject: RE: SQL worm? > > > In theory that is correct. > However, there are places such as web hosting companies that > offer SQL to > their customers. There are also companies too cheap to pay > for a VPN and > might have an offsite data center. > While closing those IP's completely is the best solution, > another idea may > be to not use those standard ports if you HAVE to access your > SQL server > remotely. Use some non standard ones perhaps. > > -----Original Message----- > From: Len Conrad [mailto:[EMAIL PROTECTED]] > Sent: Saturday, January 25, 2003 8:45 AM > To: NT 2000 Discussions > Subject: RE: SQL worm? > > > > >Close these ports: > >ms-sql-s 1433/tcp #Microsoft-SQL-Server > >ms-sql-s 1433/udp #Microsoft-SQL-Server > >ms-sql-m 1434/tcp #Microsoft-SQL-Monitor > >ms-sql-m 1434/udp #Microsoft-SQL-Monitor > > no, block access from internet to SQL ip (effectively > blocking ALL ports). > > What business does anybody on internet have in accessing your > SQL server? > > Len > ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to %%email.unsub%% ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to %%email.unsub%% ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to %%email.unsub%% ------ You are subscribed as [email protected] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED]
