[linux-elitists] MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!

Nick Moffitt nick@zork.net
Fri Jan 31 13:28:45 PST 2003


begin  Andrew  quotation:
> There's security, and then there's realistic security.  A
> reasonably-paranoid NAT and stateful firewall would have also
> stopped this.  Proxies work great so long as everyone plays nice.
> Unfortunately not all applications we run play nice, and the ones
> writing the cheques don't particularly care that fooWare 2000
> doesn't play well with proxies, they just want the software they
> were sold to work.

	Sometimes they play too nicely.  Brian Behlendorf once told a
story about MSIE re: HTTP 1.1.  He said that they just plain didn't
work with apache's 1.1 stuff.  

	Some reps said "but we *tested* it against apache!  We forced
HTTP 1.1 in the client code and tested *apache.org* for krissakes!".

	"Well, it doesn't load apache.org NOW!"

	"Wait, it works just fine for us."

	Turns out their proxy was accepting their MS version of
HTTP1.1 and then speaking HTTP1.0 to the outside world.  Their tests
were all bogus from the get-go.

	



More information about the linux-elitists mailing list