On Sat, 25 Jan 2003, Stephen J. Wilcox wrote:
Somebody remind me why Microsoft is still allowed to exist?
Dunno, arent they negligent?
In any other industry a fundemental flaw would be met with lawsuits, in the computer world tho people seem to get around for some reason.
Steve
Including the developers of SSHD, HTTPD, NAMED, CVS? How about Linus? Wanna call him up? I am no windows cheerleader, but to think this is something that happens only in windows-land is whack -- might as well put your head in the sand. Simple philosophy: Everything sucks at all times and all places. Routers, switches, hosts, OS's. We, as operators, have to do our best to deal. It's arguable you are as liable as anyone else, since this particular exploit is 'old news' and a patch has been available for it for some time. Also; everyone who just posted to this list made it abundantly clear that they don't have a firewall in front of at least one MS SQL server on their network. Should you really have port 1433/4 open to the world? Would you do this with a MySql server? -- Alex Rubenstein, AR97, K2AHR, alex@nac.net, latency, Al Reuben -- -- Net Access Corporation, 800-NET-ME-36, http://www.nac.net --