[linux-elitists] MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!

Shawn McMahon smcmahon@eiv.com
Wed Jan 29 07:09:23 PST 2003


On Wed, Jan 29, 2003 at 10:00:12AM -0500, Aaron Sherman said:
> 
> The problem is that some people who were doing things like what I do
> (not me, since I run non-MS software) were hosed because those that they
> trusted were compromised.
> 
> In that case, there's not much you can do. You have to keep up-to-date

Sure there is.  Design your system to include what you want to
happen in case of a failure, as well.  Consider what happens if
the other guy gets compromised; give him only the access he
NEEDS, not the access he WANTS.  And yes, I realize that's a lot
of work, and requires overcoming bureaucratic inertia.  I'm
fighting the same fight, and not always winning.

> do deal with software bugs that lead to compromise. Automatic update is
> one way around it, but I would never trust MS EULA-viruses to update my
> box. :(

But you'll not only trust somebody else not to abuse the access you give
them, but also that they'll update their patches, AND that Microsoft
will have complete, timely patches?


-- 
Shawn McMahon         | Every time you walk out of the house
FedEx Services        | with clothes on, you give up freedom
DSS-MCO Security Lead | for temporary safety.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://allium.zgp.org/pipermail/linux-elitists/attachments/20030129/e35d42f8/attachment.pgp 


More information about the linux-elitists mailing list