Re: Why does sql 2000 scream to the world ... how do you shut this thing up?

From: Sue Hoegemeier (Sue_H_at_nomail.please)
Date: 10/13/03

• Next message: Ron: "I repeat ... Why does sql 2000 scream to the world ... how do you shut this thing up?"
• Previous message: Sue Hoegemeier: "Re: Permission on diagrams"
• In reply to: Ron: "Re: Why does sql 2000 scream to the world ... how do you shut this thing up?"
• Next in thread: Ron: "Re: Why does sql 2000 scream to the world ... how do you shut this thing up?"
• Reply: Ron: "Re: Why does sql 2000 scream to the world ... how do you shut this thing up?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Mon, 13 Oct 2003 07:40:40 -0600

SQL Server 7 is not affected by the slammer worm. Slammer
tries to compromise a system through the SQL Server
Resolution Service which is used by SQL Server 2000 to
support multi-instances. SQL 7 doesn't have multi-instances
so it doesn't use this service.

-Sue
 
On Mon, 13 Oct 2003 20:38:09 +1000, "Ron"
<ron@physiologic.com.au> wrote:

>Hi Neil,
>no , just as I wrote "and every time I start
>SQL2000 by the next morning I've had up to 15 slamnmer worm attempts! Turn
>it off for a few days (frustrated!) ... no slammer attempts." ...
>
> ... so why do I only get slammer attempts when SQL2000 is running? I've
>just been away for 10 days, SQL7 ran all that time ... not a slammer attempt
>... turned it on last night and had 12 attempts by morning? This has
>happened every time I've turned it on! The firewall reports SQL2000 has
>outgoing info, yet the only enabled protocol is named pipes and connect to
>other computors is unchecked ...
> ... so statistically it could be 'per chance'
>but I think the title for this thread is accurate ... they haven't fixed the
>'bug'
>
>ron
>
>"Neil Pike" <neilpike@compuserve.com> wrote in message
>news:VA.0000614b.0657c7ce@compuserve.com...
>> Ron,
>>
>> You mean you've had 15 attempts (that your firewall blocks) for Slammer
>to get
>> from the internet to your system?
>>
>> If so, that's just life on the internet I'm afraid. As long as the
>firewall
>> blocks them what's the problem? You're always going to have
>hackers/viruses
>> etc. TRYING to get into your systems. If you don't want that then don't
>> connect to the internet.
>>
>> > I have SQL7, have had for 3 years now, sitting behind a Sygate firewall,
>it
>> > talks to a web server when asked to by the active server pages running
>on
>> > the web server on the same machine ... a very simple setup. The firewall
>> > shows no incoming, no outgoing and no attacks registered.
>> > About 2 months ago I added SQL2000 to start to get the feel of it prior
>to
>> > migrating all databases over. I have it at SP3a (2000.080.0760.00), have
>> > ports 1434, 1433, and 2433 blocked in and out to the internet on
>firewall,
>> > have disabled TCP/IP, have clicked 'hide server' ... and every time I
>start
>> > SQL2000 by the next morning I've had up to 15 slamnmer worm attempts!
>Turn
>> > it off for a few days (frustrated!) ... no slammer attempts.
>> > What do you do to tell this thing to shut up until I ask it to provide
>data
>> > for a web page (no ... I've never connected to it via a web site/page).
>> >
>> > Any help appreciated ...or soon it'll be 'who wants a free copy of
>> > SQL2000Ent ... but I suggest you put it on a standalone so your data
>stays
>> > private!
>> >
>> > Ron in Oz
>> >
>>
>> Neil Pike MVP/MCSE. Protech Computing Ltd
>> Reply here - no email
>> SQL FAQ (484 entries) see
>> http://forumsb.compuserve.com/gvforums/UK/default.asp?SRV=MSDevApps
>> (faqxxx.zip in lib 7)
>> or www.ntfaq.com/Articles/Index.cfm?DepartmentID=800
>> or www.sqlserverfaq.com
>> or www.mssqlserver.com/faq
>>
>

---

• Next message: Ron: "I repeat ... Why does sql 2000 scream to the world ... how do you shut this thing up?"
• Previous message: Sue Hoegemeier: "Re: Permission on diagrams"
• In reply to: Ron: "Re: Why does sql 2000 scream to the world ... how do you shut this thing up?"
• Next in thread: Ron: "Re: Why does sql 2000 scream to the world ... how do you shut this thing up?"
• Reply: Ron: "Re: Why does sql 2000 scream to the world ... how do you shut this thing up?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Why does sql 2000 scream to the world ... how do you shut this thing up? ... It's based on the SQL Server Resolution Service running on ... >whats letting it know to try to enter the system? ... >> SQL Server 7 is not affected by the slammer worm. ... (microsoft.public.sqlserver.security) Re: SQL server ... I feel that your SQL server is affected with Slammer Worm. ... rapidly spreading computer worm infects networks and bogs ... Did you apply the SP3 for SQL Server, ... (microsoft.public.sqlserver.security) Slammer Worm/SQL Server 7 ... SQL Server 7 is not affected by the Slammer worm because ... it uses 1434 for some sort of named instance resolution. ... >7.0 was not at risk from the Slammer Worm but appears to ... (microsoft.public.sqlserver.security) Slammer Worm/SQL Server 7 ... SQL Server 7 is not affected by the Slammer worm because ... it uses 1434 for some sort of named instance resolution. ... >7.0 was not at risk from the Slammer Worm but appears to ... (microsoft.public.sqlserver.security) Slammer worm a threat to SQL Server 7? ... Is slammer worm a security threat to SQL server 7? ... is a patch for it. ... (microsoft.public.sqlserver.security)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(18)