MS SQL 2000 Worm
coccolithophorid at earthlink.net
coccolithophorid at earthlink.net
Tue Jan 28 10:02:03 PST 2003
Chris Rock <stinger at pixar.com> wrote:
I agree with Mike Stanley. You can bring a horse to water, but you can't
force him to drink. Just because there is a security patch, not
everyone will update their
software with it. To be lazy is to be human.
Kevin Wrote:
I guess this includes Microsoft...nice.
from Slashdot.org
MSFT's own servers were infected with Slammer
Last weekend's Slammer worm turned machines running unpatched Microsfot
SQL server that were net-accessible into zombies that unleashed
torrents of bogus packets on random hosts, busying-out big chunks of
netspace for hours. The techy response was predictable: "What kinda
idjit runs a MSFT server product without applying all the patches? And
worse, what kinda idjit makes that machine available from the public
Internet?"
Microsoft, it turns out. MSFT's own network was riddled with infected
servers, which made it especially hard for affected sysadmins to get
themselves a copy of the patch.
"This shows that the notion of patching doesn't work," said Bruce
Schneier, chief technology officer for network protection firm
Counterpane Internet Security. "Publicly, they are saying it's not our
fault, because you should have patched. But Microsoft's own actions
show that you can't reasonably expect people to be able to keep up with
patches."
I want a pet. Maybe king cobra.
- Student from Fukushima Junior High
More information about the Titanium
mailing list