[linux-elitists] MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!

Shawn McMahon smcmahon@eiv.com
Sun Jan 26 07:20:09 PST 2003


On Sun, Jan 26, 2003 at 09:37:47AM -0500, Andrew said:
> 
> There are a lot of closed-source (financial!) applications which need to 
> connect directly to an SQL Server 2000 database.  Winfund is one such POS 
> software, but there are others as well.  AccPAC (MiSYS) is another -- this 

ssh is your friend; these applications are not.  I'm assuming you
don't mean "point of sale".  :-)

> If the RDBMS code is solid, it shouldn't be a problem.  Closed or open, every 

You should never have ANY capability exposed to the Internet that
you don't absolutely need.  There is no reason in the world for
your DBAs, for instance, to need an in-the-clear, non-proxied
connection over the Internet to administrate the database, and
thus it should not be possible for this access to be gained that
way.  Any application that doesn't work that way isn't designed
to live outside a firewall, and shouldn't be encouraged behind
one either.  Complexity breeds bugs, no matter how solid your
coding processes are.


-- 
"Under no circumstances will I ever purchase anything offered to me as
the result of an unsolicited email message. Nor will I forward chain
letters, petitions, mass mailings, or virus warnings to large numbers
of others. This is my contribution to the survival of the online
community." - Roger Ebert, "The Boulder Pledge"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://allium.zgp.org/pipermail/linux-elitists/attachments/20030126/b8deb098/attachment.pgp 


More information about the linux-elitists mailing list