29 Jan
2003
29 Jan
'03
7:01 p.m.
But this worm required external access to an internal server (SQL Servers are not front-end ones); even with a bad or no patch management system, this simply wouldn't happen on a properly configured network. Whoever got slammered, has more problems than just this worm. Even with no firewall or screening router, use of RFC1918 private IP address on the SQL Server would have prevented this worm attack
RFC1918 addresses would not have prevented this worm attack. RFC1918 != security