Re: some thoughts on the Slammer fiasco
From: Sid (gotmail@aol.com)
Date: 01/26/03
- Next message: RAy: "MS02-039"
- Previous message: Hal Berenson: "Re: some thoughts on the Slammer fiasco"
- In reply to: rip: "some thoughts on the Slammer fiasco"
- Next in thread: Steve Kass: "Re: some thoughts on the Slammer fiasco"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Sid" <gotmail@aol.com> Date: Sun, 26 Jan 2003 14:09:28 -0600
"rip" <riplips@yahoo.com> wrote in message
news:000801c2c56a$ebcea970$d7f82ecf@TK2MSFTNGXA14...
>
> None of my production servers were affected by this worm.
> Why? Because we don't run "bet your business", large
> revenue generating systems on windoz. We use VMS!!! After
> over 10 years and billions of dollars in revenue
> generation, we have never experienced ANY downtime due to
> viruses (or even loss of data due to StorageWorks).
I agree with this. Windows is the boy in the bubble.
>
> So why is this? The same dude (Cutler) who architected VMS
> was also the Architect for NT (now windoz 2000). It is
> absolutely impossible for an external IP connection to
> "Take over" a process on VMS because at it's core has a
> priviledged based process creation/image activation
> acrhitecture. Windoz has absolutely no concept of this idea
> and thus will ALWAYS be vulnerable to viruses. The only
> workaround is to block ports and have MS "hack" their own
> software. Pretty poor!!!
Note to self: check out vms
>
> So where was MS appology for this mess? Are they monitarily
> responsible? Will there be cival suits? When are they going
> to completely "create" a brand new OS thats secure? I use
> the word create loosely since MS has NEVER created their
> own OS; they bought everyone including windoz.
>
> Lastly, your premise of "loosers" is stupid. The entire
> internet was brought down by a poorly written application.
True, but when the fix is available for 6 months some of the blame lies with
the people using it. OTOH, if like another poster mentioned alot of people
have msde and don't even know it. Then the problem falls squarely on MS
shoulders, because no way in hell is grandma going to be patched up.
> Imagine that, application data traffic swamping the
> internet. So, the entire internets availability is the
> responsibility of clones to patch the MS products? No,
> lesson learned. Firewalls are worthless and routers (Cisco
> with million line access lists) were not designed to handle
> this. Is it the responsibility of a router to manage
> application traffic? i think what we need is a whole new
> level of technology to manage and secure application data
> traffic. Don't expect it from MS or Cisco; they'll just
> point fingers at each other.
>
> Lesson learned: Don't use MS to run your critical apps on
> and get them OFF the internet. Amazing that Bank of
> America's ATM network got infected from the internet. Why
> does that ATM network have any connections to the internet.
I was wondering that myself. At my work we use frame relay, we don't trust
the internet to be available when we need it.
Thanks for some insight I didn't have.
- Next message: RAy: "MS02-039"
- Previous message: Hal Berenson: "Re: some thoughts on the Slammer fiasco"
- In reply to: rip: "some thoughts on the Slammer fiasco"
- Next in thread: Steve Kass: "Re: some thoughts on the Slammer fiasco"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
