Thanks Microsoft! - Page 2

Marsman · 2003-01-27, 01:41 PM

Yeah I have to agree - lazy techs, sloppy work. no need of it. If you're worth your salt as a tech, you protect your company and it's software by patching when security flaws are discovered. Last July was plenty of time to prepare for this. No need of this many intrusions by this worm if techs had done their job.

Airlift · 2003-01-27, 02:03 PM

I like how people automatically assume that you don't know what you're talking about when you bash something they like. I work with a lot of microsoft software for development and I still think that a large chunk of it is garbage that wouldn't sell a copy if it wasn't automatically leveraged down our collective throat.

I think you should compare the number and severity of known security holes in SQLServer to the ones in MySQL or PostgreSQL and then share your findings with the class.

It is all fine and good to blame the massive crowd of administrators who failed to stay on top their patches, but it is e-tarded to automatically forgive the creators of the software of all responsibility. Nevermind the fact that most administrators have a shload of other things to worry about, each one at the top of someone's BS priority list.

Hijinks · 2003-01-27, 03:23 PM

Originally posted by Airlift

I think you should compare the number and severity of known security holes in SQLServer to the ones in MySQL or PostgreSQL and then share your findings with the class.

There are just as many bugs in mySQL et al.

Its just that nobody give a fuck about writing worms for mySQL.

Who should really be blamed is the fuck-tard who decided to let his sql server ports be open outside his firewall.

http://online.securityfocus.com/archive/1/307412

there is a link to a redhat security notice concerning four fixes to mysql. Two of them are remotely exploitably bugs that allow the user to run arbatrary code. Just like the sql server bug.

Oh yea, that patch was on 1-15-03, have you upgraded yet?

Airlift · 2003-01-27, 03:55 PM

apt-get, bitch

Hijinks · 2003-01-27, 04:25 PM

Originally posted by Airlift
apt-get, bitch

Granted linux has a better patching system then MS.

Microsoft needs to make Windows Update patch any MS software on the pc.

Hunter83 · 2003-01-27, 05:37 PM

Microsoft r0x0Rz

Hamma · 2003-01-27, 06:05 PM

Bet some people lost their jobs over this worm. haha

Sputty · 2003-01-28, 04:42 AM

Seems like it should. Heh, one of the big resons it wsa so succesful in Korea as all the Koreans using pirated server software...

Hijinks · 2003-01-28, 07:47 AM

Originally posted by Sputty
Seems like it should. Heh, one of the big resons it wsa so succesful in Korea as all the Koreans using pirated server software...

How does that have anything to do with not applying patches and having an open firewall?

Sputty · 2003-01-28, 10:17 AM

I don't think firewalls helped make a difference, also, I'm not sure, updating the server may have required Authorized versions. And old unused servers were part of it too and may have not been updtaed for those reasons. And if you ask me why so many of the Koreans didnb't update their server and you ant a 100% accurate answer expect me, not the people who ran thse servers or Korean, to give you one.

Hijinks · 2003-01-28, 10:24 AM

A firewall was a 100% guaranteed way to stop it. The patches can be installed on pirated versions.

I could see that a high rate of piracy resulted in more end users w/o firewalls running the software. They were probably the type of user who just installed it because they had it and then never thought about it again. That would certanly have made the outbreak more severe.