[linux-elitists] BLASTING MICROSOFT BECAUSE OF WORM
Wed Jan 29 15:46:52 PST 2003
> While it's fun (however unsporting) to blast away at Microsoft for its
> security deficiencies, IMO the free software world should view the
> Sapphire / Slammer worm as more a cautionary tale. This is the sort of
> attack which _could_ potentially hit GNU/Linux or another 'Nix. I feel
> that the likelihood is lower than that for legacy MS Windows, though
> there are a large number of likely poorly maintained GNU/Linux and other
> 'Nix systems live on the Net.
There are definitely reasons to blast Microsoft:
1. They no doubt dismiss responsibility and blame it on the
lazy sys admins who don't keep up to date with patches.
Then it turns out they're infected with the worm themselves.
I'm waiting for them to admit which is it, they have lazy slob
sys admins too and are in no position to lecture, or that their
products are too difficult to keep secure?
2. Colleagues who are trying to apply this patch remark about how
darn huge it is and how difficult it is to apply. If you have
dozens of these machines, the time it takes to secure them
by click 'n drooling at each machine is enormous (especially
compared to a Linux/UNIX system).
3. I've heard that while Windows Update will quickly notify you of
newer, privacy invading editions of Windows Media Player, it is
completely and utterly silent on MS SQL Server updates.
4. Each patch that comes out is so huge and complicated that most
people take a reactionary position towards applying them, instead
of a proactive one.
5. Would it really kill them if the default setting of MS SQL Server
only accepted connections from local sockets? Most of the
hosts that have tried to infect me were clearly from residential
connections, which to me says students, hobbyists, etc. installed
it months/years ago to play with it, and have since forgotten it
running on their machines. A default ignore-network setting would
have gone a long way into taking these people out of the worm's
Michael Bacarella 24/7 phone: 646 641-8662
Netgraft Corporation http://netgraft.com/
"unique technologies to empower your business"
Finger email address for public key. Key fingerprint:
C40C CB1E D2F6 7628 6308 F554 7A68 A5CF 0BD8 C055
More information about the linux-elitists