Re: some thoughts on the Slammer fiasco

From: rip (riplips@yahoo.com)
Date: 01/27/03 

From: "rip" <riplips@yahoo.com>
Date: Mon, 27 Jan 2003 08:11:33 -0800

Ha, Ha. I absolutely love this. The first url has
"bulletins" that are TEN years old. The second one is about
UCX (a discontinued product) POP server and assumes the
hacker already has logged into the system and can execute
command lines. The third one is for MADGOATS freeware
messaging sw (U get what u pay for).

OK, I admit, my previous post about VMS was arrogant. But,
the VMS engineers take security very seriously. After years
and years of MS viruses, you would think MS would do
something seriously about it. Ironic, that just a day
before the slammer attack, Gates announced that MS would be
piling more money into security. I think it's just more lip
service.

rip

>-----Original Message-----
>http://www.ciac.org/ciac/bulletinsByType/vndr_vax_sys_bulletins.html
>bugtraq@securityfocus.com/msg09212.html">http://www.mail-archive.com/bugtraq@securityfocus.com/msg09212.html
>http://tinyurl.com/4xe7
>
>SK
>
>rip wrote:
>
>>None of my production servers were affected by this worm.
>>Why? Because we don't run "bet your business", large
>>revenue generating systems on windoz. We use VMS!!! After
>>over 10 years and billions of dollars in revenue
>>generation, we have never experienced ANY downtime due to
>>viruses (or even loss of data due to StorageWorks).
>>
>>So why is this? The same dude (Cutler) who architected VMS
>>was also the Architect for NT (now windoz 2000). It is
>>absolutely impossible for an external IP connection to
>>"Take over" a process on VMS because at it's core has a
>>priviledged based process creation/image activation
>>acrhitecture. Windoz has absolutely no concept of this idea
>>and thus will ALWAYS be vulnerable to viruses. The only
>>workaround is to block ports and have MS "hack" their own
>>software. Pretty poor!!!
>>
>>So where was MS appology for this mess? Are they monitarily
>>responsible? Will there be cival suits? When are they going
>>to completely "create" a brand new OS thats secure? I use
>>the word create loosely since MS has NEVER created their
>>own OS; they bought everyone including windoz.
>>
>>Lastly, your premise of "loosers" is stupid. The entire
>>internet was brought down by a poorly written application.
>>Imagine that, application data traffic swamping the
>>internet. So, the entire internets availability is the
>>responsibility of clones to patch the MS products? No,
>>lesson learned. Firewalls are worthless and routers (Cisco
>>with million line access lists) were not designed to handle
>>this. Is it the responsibility of a router to manage
>>application traffic? i think what we need is a whole new
>>level of technology to manage and secure application data
>>traffic. Don't expect it from MS or Cisco; they'll just
>>point fingers at each other.
>>
>>Lesson learned: Don't use MS to run your critical apps on
>>and get them OFF the internet. Amazing that Bank of
>>America's ATM network got infected from the internet. Why
>>does that ATM network have any connections to the internet.
>>Eventually the "internet" will be like a low cost mass
>>transit system like a bus or subway and those who want
>>highly available/secure networks will buy their own private
>>jets for transportation (completely isolated, autonomous
>>networks. Forget VPN).
>>
>>rip
>>
>>
>>
>>>-----Original Message-----
>>>
>>>These are my thoughts regarding some of the moronic posts
>>>
>>>
>>seen here
>>
>>
>>>recently.
>>>
>>>WTF are you running a software firewall on an SQL box for.
>>>
>>>
>> SQL should stand
>>
>>
>>>alone. And please buy a hardware firewall.
>>>
>>>Here is a question someone running Oracle would not ask.
>>>
>>>
>>"Can (software
>>
>>
>>>firewall of your choice) block port X.
>>>
>>>I am an SQL Server DBA and quite frankly ashamed of the
>>>
>>>
>>low level of
>>
>>
>>>knowledge and lack of willingness to keep up with simple
>>>
>>>
>>security updates on
>>
>>
>>>the part of the losers here whining about how to keep
>>>
>>>
>>their servers safe.
>>
>>
>>>Either learn how to play, or get of the field. And people
>>>
>>>
>>wonder why SQL
>>
>>
>>>Server DBAs make less than a DBA for Oracle, DB2,
Sybase, etc.
>>>
>>>"But is was sooo easy to install, I clicked next. I'm
>>>
>>>
>>safe now, right?"
>>
>>
>>>Personally, I hope the IT slump goes on for 5 more years
>>>
>>>
>>to weed out
>>
>>
>>>wannabes like the people here.
>>>
>>>Sid
>>>
>>>
>>>.
>>>
>>>
>>>
>
>.
>

Relevant Pages

  • Re: Search Issues persist event id 2424 remains
    ... but my two WFEs and SQL are on the same network ... the DNZ and the SQL Server in your Intranet. ... where is the equivalent Internet setting? ...
    (microsoft.public.sharepoint.windowsservices)
  • Re: Urgent! New router and big disaster
    ... The SBS DNS server, running on ... its IP it means that your problem is now DNS. ... forward ports to it reliably in the router. ... I should have been more clear about internet connection.. ...
    (microsoft.public.windows.server.sbs)
  • Re: RWW Disconnecting
    ... I have been connected from a remote site for about 3 ... DHCP server and even a wireless access ... the key codes to for Internet access. ... Client Workstations} ...
    (microsoft.public.windows.server.sbs)
  • Re: Urgent! New router and big disaster
    ... I checked the binding order and the Server Local area connection is at the top. ... I should have been more clear about internet connection.. ... I wonder if I may have missed a firewall setting on the router as well. ...
    (microsoft.public.windows.server.sbs)
  • RE: remote access SBS 2003 Inop
    ... Since you know the problem is relate to RRAS (Routing and Remote Access ... On the SBS 2003 Server open the Server Management console. ... Click the "Connect to the Internet" link. ... Microsoft CSS Online Newsgroup Support ...
    (microsoft.public.windows.server.sbs)