| ActiveMac | Anonymous | Create a User | Reviews | News | Forums | Advertise |
|
|
|
User Controls |
|
New User |
|
Login |
|
Edit/View My Profile |
|
|
|
|
|
|
|
ActiveMac |
|
Articles |
|
Forums |
|
Links |
|
News |
|
News Search |
|
Reviews |
|
|
|
|
|
|
|
News Centers |
|
Windows/Microsoft |
|
DVD |
|
ActiveHardware |
|
Xbox |
|
MaINTosh |
|
News Search |
|
|
|
|
|
|
|
ANet Chats |
|
The Lobby |
|
Special Events Room |
|
Developer's Lounge |
|
XBox Chat |
|
|
|
|
|
|
|
FAQ's |
|
Windows 98/98 SE |
|
Windows 2000 |
|
Windows Me |
|
Windows "Whistler" XP |
|
Windows CE |
|
Internet Explorer 6 |
|
Internet Explorer 5 |
|
Xbox |
|
DirectX |
|
DVD's |
|
|
|
|
|
|
|
TopTechTips |
|
Registry Tips |
|
Windows 95/98 |
|
Windows 2000 |
|
Internet Explorer 4 |
|
Internet Explorer 5 |
|
Windows NT Tips |
|
Program Tips |
|
Easter Eggs |
|
Hardware |
|
DVD |
|
|
|
|
|
|
|
Latest Reviews |
|
Applications |
|
Microsoft Windows XP Professional |
|
Norton SystemWorks 2002 |
|
|
|
Hardware |
|
Intel Personal Audio Player 3000 |
|
Microsoft Wireless IntelliMouse Explorer |
|
|
|
|
|
|
|
Site News/Info |
|
About This Site |
|
Affiliates |
|
ANet Forums |
|
Contact Us |
|
Default Home Page |
|
Link To Us |
|
Links |
|
Member Pages |
|
Site Search |
|
Awards |
|
|
|
|
|
|
|
Credits |
 |
Virus Overwhelms Global Internet Systems | |
|
||
| Time: 12:07 EST/17:07 GMT | News Source: Associated Press | Posted By: Todd Richardson | ||
|
Traffic on the Internet slowed dramatically for hours early Saturday, the effects of a fast-spreading, virus-like infection that overwhelmed the world's digital pipelines and broadly interfered with Web browsing and delivery of e-mail. The virus-like attack, which began about 12:30 a.m. EST, sought out vulnerable computers on the Internet to infect using a known flaw in popular database software from Microsoft Corp., called "SQL Server 2000." But the attacking software was scanning for victim computers so randomly and so aggressively — sending out thousands of probes a second — that it saturated many Internet data pipelines. | ||
|
Write Comment
Return to News |
Displaying 1 through 25 of 155 Last | Next |
The time now is
11:51:46 PM
ET.
Any comment problems? E-mail us |
| #1 By 2332 (65.221.182.3) at 1/25/2003 1:29:16 PM |
|
Ok... a few points.
1.) Autoupdate is not a good ideal for server environments. Admins must be given the chance to full test patches in a staging area before they distribute them in the enterprise. 2.) If your SQL Server is exposed on the internet, you *are* stupid. There is absolutely no excuse for this. SQL Server should be behind a firewall. I think that most of those who are affected by this virus would be affected no matter what Microsoft does. They don't patch their systems, and they expose them to the outside world without reason. Companies take notice. If your SQL Servers get infected by this virus, FIRE your DBA and IT staff that are in charge of them. |
| #2 By 531 (64.109.133.244) at 1/25/2003 1:33:17 PM |
|
CMS, I can understand your point about what it's like in a corporate environment, but I still think you're wrong. The company I work for has an interesting policy... they don't puch security patches at all. The last update what was applied to the Windows 2000 workstations was SP2, and Internet Explorer 5.5 SP2. The policy is the same for servers, if you can believe it.
I've gathered a team together and am making it a personal priority to prove to the management that patches are necessary, and we're working on developing a response plan. The patch is question has been out for at least 6 months... in 6 months, all of your regression should have been completed ages ago, and the patch should be on production systems. Even 1 month is pushing it, depending on the size of your corporation. In short, you can't blame the corporate environment for needing the extra testing time, but you've got to do the work to make it less painful... otherwise you're going to be spending a lot more Saturdays in the office. |
| #3 By 143 (204.31.17.197) at 1/25/2003 2:04:55 PM |
|
Microsoft Baseline Security Analyzer:
http://www.microsoft.com/technet/treeview/default.asp?url=/TechNet/Security/tools/tools/MBSAHome.ASP |
| #4 By 135 (208.50.206.187) at 1/25/2003 2:43:53 PM |
|
The HFNetchk tool is your friend.
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/tools/tools/hfnetchk.asp Better yet... scan your systems, and push out patches... http://www.shavlik.com/ They have a light version which works fine for home networks... the MBSA is also part of this grand solution. The tools are out there, but I definately agree it's hard work to keep track of all this. |
| #5 By 6253 (12.237.219.240) at 1/25/2003 3:38:34 PM |
|
#9, small correction: the initial patch for this vulnerability was not included in SP2. Maybe you were confused because that patch required SP2 as a pre-requisite.
In any case, the point is absolutely right that there has been plenty of time for this hole to have been closed, but in many cases it won't help to fire the sysadmin because the economy has made it likely that the sysadmin was already fired. I don't believe in automatic installation of patches with only one exception: if there is nobody [left] in an organization whose job includes periodic evaluation of bulletins and updates, then the last one out should turn on the auto-updates. |
| #6 By 7390 (63.211.44.114) at 1/25/2003 5:31:02 PM |
|
OK, this post falls into the good grief section.
1. If you are running a large corporation then shouldn't the IT dept have regular meetings regarding security? Given the relationship of hackers and MS by all means your IT dept should have this on high priority. WTF are the DBAs doing? I see the words "patch, hot fix, service pack, update" and that baby gets installed in a reaonable time frame (6 MONTHS IS MORE THAN ENOUGH TIME). 2. If you are running a small shop and can't afford a large IT dept then by all means you should be running auto update. 3. And yes exposing your prod DB to the world is freaking stupid! But I guess blocking port 1433 on the router must be harder than I thought :) |
| #7 By 2459 (24.170.151.14) at 1/25/2003 11:34:00 PM |
|
The BSA scans for SQL updates. There's also the MS email lists and sites like AW that post info about new updates. The hotfix and the SPs were available for download.
About the only other thing that can be done is for MS to start a security .NET Alerts service, force updates, or bug the heck out of the admin with system notifications (nice idea, Jagged). MS provides the tools, the admins must use them instead of always blaming MS whenever they (the admins) are criticized for their lack of action. This post was edited by n4cer on Saturday, January 25, 2003 at 23:35. |
| #8 By 135 (208.50.206.187) at 1/25/2003 11:45:12 PM |
|
Naw... SQL Server patches are by far the most convoluted of all the patches from Microsoft.
|
| #9 By 1845 (12.254.130.226) at 1/26/2003 4:29:33 AM |
| K, I'll bite. SQL Server patches are often quite annoying to install, but that in no way minimizes the admins' responsibility to install them. I'm not an enterprise lvl dba, but I'm quite able to installl SQL Server patches. Furthermore, I'm aware of them when Microsoft publishes them. It seems that if a small fry like me, who only stays current on such things for the sake of his internal dev machines, can do it, then a professional dba can do it. Let's quit making excuses for admins not doing their jobs. |
| #10 By 135 (208.50.206.187) at 1/26/2003 11:23:59 AM |
|
"Let's quit making excuses for admins not doing their jobs. "
What admins? We're talking about regular users here... After all Microsoft now wants to install SQL Server universally to everybodies desktop in the form of MSDE. I'm sorry, you can give excuses for Microsoft all you want, but the SQL Server patch routines are simply intolerable. I don't care if they are no worse than what Oracle and other db vendors do, they still suck. |
| #11 By 5444 (67.1.33.75) at 1/27/2003 12:44:20 AM |
|
Actually I will have to agree with Soda on this one.
Besides the Hotfix feature that was applied recently to this bug fix, doing the SQL installs are a royal PITA. Especially if you don't know of the instances of sql server running. With that, You have to individually check each machine and then run setup in a special update to take into account the instance. Be that a full version of sql server or msde that can be loaded with Office 2k or Office XP. let alone developer. So the case may not be the main database is exposing the network. but a computer that isn't nec behind the extra firewalls of the main database server. Actually that was a complaint about sql server and the install routines. But I do agree that it is the IT departments responsibility to keep an inventory of what computers have what installed. If it has office 2k or xp, it is time to check to see if the MSDE was installed and it has a Instance install not a standard install if that is the case. Personally I believe (as does several other people on teh beta test team) that a Better install routine should be written that will read the intance data and inform you of the different intances installed and which ones need to be updated. for example I have a msde Office instance and a vsnet intance as well as a standard msde install. If I run the setup for sp3, it will only update the standard msde. Which isn't the standard procedure for sp in the past. normally you run a sp and it upgrades the program period. Now from a developers standpoint I can agree with having the differences that way. What was it nt sp4 or was it 3 that really was a step backwards. But setup needs to clearly needs to state which instance needs to be updated. as to the bsa, I havn't gotten to recognize sql intances, is that just me?? El |
|
Write Comment
Return to News |
Displaying 1 through 25 of 155 Last | Next |
The time now is
11:51:46 PM
ET.
Any comment problems? E-mail us |
