[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] SQL Worm

Subject: RE: [cobalt-users] SQL Worm
From: "E.B. Dreger" <eddy+public+spam@xxxxxxxxxxxxxxxxx>
Date: Sun Jan 26 12:51:02 2003
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

a> Date: Sun, 26 Jan 2003 22:33:21 +0300
a> From: aljuhani


a> Our provider's two data centers located in two different
a> geographic locations were un-reachable for about 7.5 hours

Sounds like they or their upstreams weren't very responsive.
I'm still seeing periodic exploit packets on various networks.


a> from 0500 HRS GMT to 1230 HRS GMT.  Emails were delayed for 3
a> to 5 hours from some networks.

Believable.


a> What caused this?? Ask Microsoft?
a> http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS02-039.asp

Yes, the software needs improvement.  However, properly-patched
and firewalled machines were unaffected.  Lack of proper security
precautions are the admin's fault.  Did 1434/UDP need to be open
to the outside world?  Why hadn't the July patches been applied?
Inept administration is also to blame.

How many people are running vulnerable versions of BIND, whatever
FTP daemon, Apache, OpenSSH, OpenSSL, PHP, MySQL, et cetera?
Programmers may be to blame for the bugs, but admins are to blame
for not staying on top of things.


a> Time to go linux..
a>
a> http://www.eweek.com/article2/0,3959,845164,00.asp

1. There are other OSes worthy of consideration.  Choosing one
   should not be based on what most people say is "cool".

2. Linux, GNU, and popular *ix daemons are imperfect.  They are,
   however, IMNSHO far easier to maintain and keep running than
   Windows services.


Eddy
--
Brotsman & Dreger, Inc. - EverQuick Internet Division
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 (785) 865-5885 Lawrence and [inter]national
Phone: +1 (316) 794-8922 Wichita

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Date: Mon, 21 May 2001 11:23:58 +0000 (GMT)
From: A Trap <blacklist@xxxxxxxxx>
To: blacklist@xxxxxxxxx
Subject: Please ignore this portion of my mail signature.

These last few lines are a trap for address-harvesting spambots.
Do NOT send mail to <blacklist@xxxxxxxxx>, or you are likely to
be blocked.

References:
- RE: [cobalt-users] SQL Worm
  - From: aljuhani

Prev by Date: [cobalt-users] WEIRD?! Rom flash failure?
Next by Date: Re: [cobalt-users] WEIRD?! Rom flash failure?
Previous by thread: RE: [cobalt-users] SQL Worm
Next by thread: [cobalt-users] WEIRD?! Rom flash failure?

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index