Re: SQL Server Worm devastates Microsoft Corporate networks!

From: Peter Köhlmann <Peter.Koehlmann_at_t-online.de>
Date: Tue, 28 Jan 2003 18:42:21 +0100
Message-ID: <b16fgv$cfl$06$1@news.t-online.com>

Simon Cooke wrote:

> Sinister Midget <xunil_at_kc-rr.com> scribbled:
> 
>> On Tue, 28 Jan 2003 08:07:49 GMT, simoncooke_at_earthlink.net drooled
>> and scribbled:

>>> asj <kalim_at_xxxx.com> scribbled:
>>>
>>>> Microsoft itself gets hit (and HARD) by the SQL Server worm!
>>>>
>>>> stan? hellllo? stan???? what's that cr*p again about lazy admins
>>>> you've been spouting? microsoft can't even protect itself and you're
>>>> expecting so many others to be able to do so?
>>>>
>>>> "Microsoft's policy of relying on software patches to fix major
>>>> security flaws was questioned Monday after a series of internal e-
>>>> mails revealed that the software giant's own network wasn't immune
>>>> from a worm that struck the Internet last weekend."
>>>>
>>>> "The messages seen by CNET News.com portray a company struggling
>>>> with a massive infection by the SQL Slammer worm, which inundated
>>>> many corporate networks Saturday with steady streams of data that
>>>> downed Internet connections and clogged bandwidth."
>>>>
>>>> "The messages put Microsoft in an awkward position: The company
>>>> relies on customers to patch security flaws but the events of last
>>>> weekend show that even it is vulnerable. In this case, Microsoft
>>>> urged customers to fix a vulnerability in the SQL Server 2000
>>>> software, but it apparently hadn't taken its own advice. Moreover,
>>>> despite its 1- year-old security push, the software giant still had
>>>> critical servers vulnerable to Internet attacks."
>>>
>>> Microsoft = Software Development company.
>>>
>>> Microsoft's developers use Visual Studio Enterprise edition as their
>>> basic development tool.
>>>
>>> VS EE comes with MSDE 2000 as its default database engine, and is
>>> installed by default.
>>>
>>> You do the math.
>>>
>>> Most software developers aren't going to care about patches to SQL
>>> Server -- especially if they don't use it, or are not running a
>>> site. As far as they're concerned, it's just a part of their dev
>>> system, and one they don't look at too often.
>>>
>>> *That* is why it caused problems for MS.

>>
>> Hey!! As a paid/unpaid/stockholding/whatever fulltime advocate for
>> everything $MONOPOLY, you're supposed to pass the buck and blame the
>> stupid admins at these places. That's what they're doing!
>>
>> It _STILL_ begs the question: How can they (or you, or Ewik, or any of
>> the multitude of winbots here) blame admins for not doing their jobs,
>> yet Micro-Soft gets an out? It's especially egregious when they blame
>> someone for doing the precise same thing they slam everybody else for
>> doing!!
> 
> Look, schmuckboy, it's quite simple:
> 
> Lots of dev machines, running MSDE (cut down SQL server for developers)
> or SQL Server = lots of machines not getting patched, because they're
> being run by regular developers, not sysadmins.
> 
> The server farms were being run by sysadmins, not developers, and so
> were patched -- but got hit by heavy traffic.
> 
> Now do you understand? Or do you want to show your cluelessness again?
> 

Ah, yes, so at MS it is just the norm that the developers machines are run by and looked after by those developers themselves. Sure. Makes a lot of sense. Anyone doing willy-nilly what he wants. Who needs network admins at MS, since the OS is sooo easy to manage, every little developer can bring it down and the network with it.
Do you have another idiotic lie in preparation, Simon? This one is so obviously wrong, because you would accuse every other company of gross negligance if it would work like that

Peter

-- 
I say you need to visit Clues 'R' Us. They are having a special on 
slightly used clues.

Received on Tue Jan 28 2003 - 11:42:21 CST