Future Internet attacks expected Monday
Posted by Michael Stanclift on 26 January 2003 - 20:49 · 15 comments & 1487 views
About the Author
Full name: Michael Stanclift
Forum name: Marshalus
Contact: via forum PM
Submissions: Normal · Headline
Full name: Michael Stanclift
Forum name: Marshalus
Contact: via forum PM
Submissions: Normal · Headline
Slashdot It!
Submit to reddit
Submit to blinklist
Bookmark on del.icio.us
Add to furl
Share on Facebook
Add to Windows Live
Add to Google- Advertisement
-
-
#1 Posted by ENiGmA on 26 Jan 2003 - 20:53
- Of course there will be, "sys admins" are just too darned LAZY to apply 6 month old patches.
-
#2 Posted by kairon on 26 Jan 2003 - 20:57
- If this happens again I really will be angry at these lazy sys admins , you would think that after something like this they would patch the flaw quickly or at LEAST block port 1434!!
-
#3 Posted by FireRabbit on 26 Jan 2003 - 21:39
- Agreed. It's a shame that it takes a virus to get these people to update their systems. It's just a shame this one doesnt whipe infected harddrives clean, as thats what these morons deserve. I mean there are STILL computers vulnerable to codered out there!
-
#4 Posted by tmaxxtigger on 26 Jan 2003 - 21:40
- Yeah, surely these sites have firewalls?? Our DB server at work sits nicely hidden behind a firewall...
-
#5 Posted by csdavidson on 26 Jan 2003 - 21:42
- wonder how many ms-bashers out there are blaming all this on them! ha... granted that ms does have problems with secutiry, however, it's mainly sys-admins at fault, the problems over the weekend prove this...
-
#6 Posted by MitchShrader on 26 Jan 2003 - 21:42
- um, SOME home users have firewalls, and can configure port blocking.. is it too much to expect sysadmins to install same? or run patches monthly, (at least) or at least before they get PAID the next time, (in a core server for the whole bluidy internet!!) jeeze louise. Can you say stupid admin tricks? hate to sound patronizing ezzackly, but that's about some kinda dumb vulnerability..
-
(1 reply)
#7 Posted by csdavidson on 26 Jan 2003 - 21:51
- sys admins are just arrogant imo, and feel they'll never get attacked...lol
-
#7.1 Posted by Jon on 27 Jan 2003 - 01:42
Thats a bit of a sweeping generalisation isn't it? As another posted suggested, some admins simply dont have the time, and some feel its not worth risking corrupting a live server, risking downtime, hell some cant even be bothered to go through the change control process. Whilst I agree as much as the next person that sys admins are largly to blame for its spread, as with code red and nimda, I also appreciate how it feels to be on their side of the fence. The difference between good IT staff and crap ones is the ability to appreciate the difference between a corporate server and a home pc. You simply *cant* f*ck around with a corporate server. Installing one single patch involves hours and hours of work. If it goes wrong, the down time before getting a back up restored could cost an insane amount (lost revenue, support call increase, overtime, restore from backup, lost data etc) People like you dont appreciate this, and hopefully will never get jobs in IT.
-
#8 Posted by nummi on 26 Jan 2003 - 21:56
- Another reason to switch to a *NIX server
-
#9 Posted by danbalsh on 26 Jan 2003 - 22:02
- I talked to a mate of mine (runs a massive database on SQL 2000 at some business) didn't even have a clue about this!!!!! I told him, so he rushed off to work today (sunday) to fix it, lol
He just don't want to get fired on Monday morning
-
#10 Posted by Geronimo on 26 Jan 2003 - 22:15
- I dont see this being as big on Monday, I bet most of the SQL servers run thru the weekend. It is not like the average desktop users are running MS SQL.
-
#11 Posted by Evil_Dragon on 26 Jan 2003 - 22:21
- Ya know what's funny? I know what this "vulnerability" is, and I know it's been exploited in the past.
-
#12 Posted by Trust on 26 Jan 2003 - 23:49
- [quote] 75 watt power consumption [/quote] Wow
-
(1 reply)
#13 Posted by ThunderRiver on 27 Jan 2003 - 00:49
- #3, that's just wrong... you don't create virus like that to punish pep that don't patch their system often. MS has a part on this too. Their product has too many bugs, and they really need more time to beta test...
-
#13.1 Posted by JaggedFlame on 27 Jan 2003 - 07:23
- No, the patch was out for six months. The fact that their product has bugs has no bearing, because the bug was fixed. They should have made the patch easier to apply. [i]That's[/i] where they went wrong.
In South Korea, which was badly affected by the attack, systems engineers are racing to repair Internet networks amid fears Monday would bring new outbreaks as businesses switch on their computers for the new working week. South Korean Information Minister, Lee Sang-Chul, said he believed the problem was hiding, rather than fully resolved.
The attack, which brought down access to Neowin, and an estimated 1/3 of the Internet community was caused by a worm which exploited vulnerabilities in Microsoft's SQL Server program which runs a majority of the Internet's core information networks. Experts have said nearly a quarter of a million servers worldwide were effected Saturday, mostly in the United States, South Korea, and India. The attack, which targets Internet servers and does not infect home computers, slowed systems for several hours, affecting web browsing and e-mail delivery.
Internet security monitors at the FBI detected the attack shortly after it was launched on Saturday, limiting the damage.
In the worst widespread Web attack in a year and a half, the worm clogged network pipelines around the globe, nearly shutting down Internet providers in South Korea, disrupting a majority of Bank of America Corp.'s automatic teller machines and made online surfing and e-mail access difficult.
A key component of the SQL Server software, called "Microsoft SQL Server 2000 Desktop Engine," is particularly vulnerable to the malicious computer worm, which quickly propagates itself and seeks out other systems to infect.
Since MSDE is deployed not only in SQL software but in other programs used for software development, such as Visual Studio .NET and Office XP Developer Edition, it could spread beyond the database servers, Charney said.
"The unfortunate thing about this is when you know that this was a problem and they (customers) hadn't updated," Charney said, "That's a bit frustrating."
Charney was hired by Microsoft nearly a year ago, just when Chairman and co-founder Bill Gates issued a mandate that the company focus on "Trustworthy Computing," a campaign aimed at making its software more protected, secure and reliable.
Charney said Saturday's attack "showed how relevant that policy was."
"To respond to those threats, we need cooperation," Charney said.
Patches, or fixes, for programs using MSDN as well as for SQL are available on Microsoft's TechNet support page (http:/www.microsoft.com/technet), the company said.