Re: What could have been done differently?

[David Howe]

at Thursday, January 30, 2003 12:01 AM, [EMAIL PROTECTED]
<[EMAIL PROTECTED]> was seen to say:
>> But this worm required external access to an internal server (SQL
>> Servers are not front-end ones); even with a bad or no patch
>> management system, this simply wouldn't happen on a properly
>> configured network. Whoever got slammered, has more problems than
>> just this worm. Even with no firewall or screening router,  use of
>> RFC1918 private IP address on the SQL Server would have prevented
>> this worm attack
>
> RFC1918 addresses would not have prevented this worm attack.
> RFC1918 != security
Indeed. More accurately though "don't have an SQL server port exposed to
the general internet you bloody fools" might be closer to the correct
advice to customers :)
I have been trying *hard* but can't think of a single decent reason a
random visitor to a site needs SQL Server access from the outside.