BS! Just ask a programmer - its never their fault! ------------------------------------------------------ Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis - Formerly Harbinger and Extricity Atlanta, GA
> -----Original Message----- > From: Bill Kuhn - MCSE [mailto:[EMAIL PROTECTED]] > Sent: Monday, January 27, 2003 9:38 AM > To: NT 2000 Discussions > Subject: RE: SQL worm? > > > Someone might consider that part of the blame might belong to > the criminal(s) who wrote and unleashed the worm? > > -----Original Message----- > From: Chinnery, Paul [mailto:[EMAIL PROTECTED]] > Sent: Monday, January 27, 2003 8:11 AM > To: NT 2000 Discussions > Subject: RE: SQL worm? > > > I have three SQL servers and none exposed. However, has > anyone read Russ' "editorial" on this at NTbugtraq? He does > make some valid points on why it's not all the SQL admin's fault. > > Paul Chinnery > Network Administrator > Mem Med Ctr > > > -----Original Message----- > From: Martin Blackstone [mailto:[EMAIL PROTECTED]] > Sent: Monday, January 27, 2003 9:08 AM > To: NT 2000 Discussions > Subject: RE: SQL worm? > > > Here is an example "I'm a programmer and need SQL on my PC to > do my job". > Unfortunately the rest goes like this "I don't know sh*t > about security or > this patching stuff, so I will just go on my happy way in ignorance" > > -----Original Message----- > From: Andrew S. Baker [mailto:[EMAIL PROTECTED]] > Sent: Monday, January 27, 2003 6:06 AM > To: NT 2000 Discussions > Subject: RE: SQL worm? > > > Indeed. > > Why would anyone have SQL exposed like that? > > > ASB > Technology Integration Specialist http://www.ultratech-llc.com/KB > > Save The Internet -- Keep Your Systems Patched! > > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]] On Behalf Of Roger > Seielstad > Sent: Monday, January 27, 2003 7:51 AM > To: NT 2000 Discussions > Subject: RE: SQL worm? > > > Then those hosting companies deserve to get hit. > > There's no valid reason to have SQL servers completely > exposed. At the very > least they can be IP limited to the necessary addresses of the users. > > ------------------------------------------------------ > Roger D. Seielstad - MCSE > Sr. Systems Administrator > Inovis - Formerly Harbinger and Extricity > Atlanta, GA > > > > -----Original Message----- > > From: Martin Blackstone [mailto:[EMAIL PROTECTED]] > > Sent: Saturday, January 25, 2003 11:47 AM > > To: NT 2000 Discussions > > Subject: RE: SQL worm? > > > > > > In theory that is correct. > > However, there are places such as web hosting companies that > > offer SQL to > > their customers. There are also companies too cheap to pay > > for a VPN and > > might have an offsite data center. > > While closing those IP's completely is the best solution, > > another idea may > > be to not use those standard ports if you HAVE to access your > > SQL server > > remotely. Use some non standard ones perhaps. > > > > -----Original Message----- > > From: Len Conrad [mailto:[EMAIL PROTECTED]] > > Sent: Saturday, January 25, 2003 8:45 AM > > To: NT 2000 Discussions > > Subject: RE: SQL worm? > > > > > > > > >Close these ports: > > >ms-sql-s 1433/tcp #Microsoft-SQL-Server > > >ms-sql-s 1433/udp #Microsoft-SQL-Server > > >ms-sql-m 1434/tcp #Microsoft-SQL-Monitor > > >ms-sql-m 1434/udp #Microsoft-SQL-Monitor > > > > no, block access from internet to SQL ip (effectively > > blocking ALL ports). > > > > What business does anybody on internet have in accessing your > > SQL server? > > > > Len > > > > > ------ > You are subscribed as [EMAIL PROTECTED] > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe send a blank email to %%email.unsub%% > > ------ > You are subscribed as [EMAIL PROTECTED] > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe send a blank email to %%email.unsub%% > > ------ > You are subscribed as [EMAIL PROTECTED] > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe send a blank email to %%email.unsub%% > > > ------ > You are subscribed as [EMAIL PROTECTED] > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe send a blank email to %%email.unsub%% > ------ You are subscribed as [email protected] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED]
