Re: some thoughts on the Slammer fiasco
From: Hal Berenson (haroldb@truemountainconsulting.com)
Date: 01/26/03
- Next message: Sid: "Re: some thoughts on the Slammer fiasco"
- Previous message: Lee Fuller: "Re: UDP/1434 - Don't Panic.. Just Fix It"
- In reply to: rip: "some thoughts on the Slammer fiasco"
- Next in thread: Sid: "Re: some thoughts on the Slammer fiasco"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Hal Berenson" <haroldb@truemountainconsulting.com> Date: Sun, 26 Jan 2003 12:02:23 -0800
Absolute rubbish. Back in the 80s and early 90s VMS systems were the prime,
and successful target, of most hacking attempts. Kevin Mitnick isn't the
most well-known hacker of all time for breaking into Microsoft systems! The
reason VMS systems are no longer the target is that they are (a) few in
number, (b) locked away in conservatively run data centers, (c) so little
enhanced that few new bugs can be introduced. It has little to do with
DEC's prowess or alleged Microsoft shortcomings.
On a technical note, it has nothing to do with VMS' privilege architecture.
Anyone who wrote elevated-mode code could, AND OFTEN DID, introduce buffer
overruns. I found and fixed several in elevated mode code myself. And
buffer overruns were rampant in user mode code, allowing clever programmers
to gain access to libraries, which were often running with elevated
privileges granted to the image (a vector that doesn't exist on Windows).
The Slammer exploit, for example, has nothing to do with privileges,
architecture, etc. It has everything to do with a (fixed, 6 months ago) bug
in a network service. It would be trivial for the same developer to have
created the same bug on a VMS system.
VMS is a great system, but to use it to knock Windows is B.S. There is also
plenty of other B.S. in your statements, and it really hurts your
credibility.
Hal
Former Consulting Engineer, Digital Equipment Corporation, 1976-1994.
-- Hal Berenson True Mountain Consulting "rip" <riplips@yahoo.com> wrote in message news:000801c2c56a$ebcea970$d7f82ecf@TK2MSFTNGXA14... > > None of my production servers were affected by this worm. > Why? Because we don't run "bet your business", large > revenue generating systems on windoz. We use VMS!!! After > over 10 years and billions of dollars in revenue > generation, we have never experienced ANY downtime due to > viruses (or even loss of data due to StorageWorks). > > So why is this? The same dude (Cutler) who architected VMS > was also the Architect for NT (now windoz 2000). It is > absolutely impossible for an external IP connection to > "Take over" a process on VMS because at it's core has a > priviledged based process creation/image activation > acrhitecture. Windoz has absolutely no concept of this idea > and thus will ALWAYS be vulnerable to viruses. The only > workaround is to block ports and have MS "hack" their own > software. Pretty poor!!! > > So where was MS appology for this mess? Are they monitarily > responsible? Will there be cival suits? When are they going > to completely "create" a brand new OS thats secure? I use > the word create loosely since MS has NEVER created their > own OS; they bought everyone including windoz. > > Lastly, your premise of "loosers" is stupid. The entire > internet was brought down by a poorly written application. > Imagine that, application data traffic swamping the > internet. So, the entire internets availability is the > responsibility of clones to patch the MS products? No, > lesson learned. Firewalls are worthless and routers (Cisco > with million line access lists) were not designed to handle > this. Is it the responsibility of a router to manage > application traffic? i think what we need is a whole new > level of technology to manage and secure application data > traffic. Don't expect it from MS or Cisco; they'll just > point fingers at each other. > > Lesson learned: Don't use MS to run your critical apps on > and get them OFF the internet. Amazing that Bank of > America's ATM network got infected from the internet. Why > does that ATM network have any connections to the internet. > Eventually the "internet" will be like a low cost mass > transit system like a bus or subway and those who want > highly available/secure networks will buy their own private > jets for transportation (completely isolated, autonomous > networks. Forget VPN). > > rip > > >-----Original Message----- > > > >These are my thoughts regarding some of the moronic posts > seen here > >recently. > > > >WTF are you running a software firewall on an SQL box for. > SQL should stand > >alone. And please buy a hardware firewall. > > > >Here is a question someone running Oracle would not ask. > "Can (software > >firewall of your choice) block port X. > > > >I am an SQL Server DBA and quite frankly ashamed of the > low level of > >knowledge and lack of willingness to keep up with simple > security updates on > >the part of the losers here whining about how to keep > their servers safe. > >Either learn how to play, or get of the field. And people > wonder why SQL > >Server DBAs make less than a DBA for Oracle, DB2, Sybase, etc. > > > >"But is was sooo easy to install, I clicked next. I'm > safe now, right?" > >Personally, I hope the IT slump goes on for 5 more years > to weed out > >wannabes like the people here. > > > >Sid > > > > > >. > >
- Next message: Sid: "Re: some thoughts on the Slammer fiasco"
- Previous message: Lee Fuller: "Re: UDP/1434 - Don't Panic.. Just Fix It"
- In reply to: rip: "some thoughts on the Slammer fiasco"
- Next in thread: Sid: "Re: some thoughts on the Slammer fiasco"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
