New virus: did you suffer from it?

[Kaak]

guys, this hit a lot of people...
Bank Of america, Dell, MSN, and quite a few more...knocked out dell globally...

[Asher]

It should be a wakeup call to sysadmins everywhere that patches are released for a reason...

[Kaak]

i'm sure whom evers fault it was at dell is no longer employed by the company...i hate to guess the lost revenue...

[Asher]

SQL Server 2003 launches in a couple months to replace SQL Server 2000 (what was infected), and was completely overhauled in the past year in the interest of security.

It also features an auto-update feature, not unlike auto-Windows Update, to ensure critical patches are pushed through.

[muxec]

I think, that people who dont want to update own the warez version of product.

Have a nice bug. Free day.

[Richelieu]

This part of an email in my Inbox when i came in to work this morning:

Quote:

Starting at around 00:30 EST it appears that a distributed denial of service attack was launched on the Internet. Our out-bound traffic to the Internet approached 100Mbps which our 6Mbps pipe took exception to.

Everything seems to be OK now. We'll see.

[Panag]

Quote:

Originally posted by Kaak guys, this hit a lot of people... Bank Of america, Dell, MSN, and quite a few more...knocked out dell globally...

hi ,

and then to say there are products out there that can protect them , ......

..... products that cost less then what those firms pay each month to guys who are supposed to know this , ......




its like your pin code for the ATM , ......

the technology is in place to protect each card with 8 numbers , but most banks dont want to hear about it , .....



have a nice day

[aaglo]

Yeah, I got it 2 months ago, and I've had a bad flu since then...

No, wait... We aren't talking about virology here ?

[Wraith]

--"Surely you're a bright enough man to know the patch was for a product released in late 99/early 2000,"

Yeah, but there's one problem with that. If you look at the MS TechNet notes for the issues, their first patch caused problems with SQL Server operations. They had to patch their patch later.
I also note that the original vulnerability was a buffer overflow. This problem has only been known about since, oh, the 1950s or so. Heck, MS even owns the IP on an automated buffer overflow code auditor (the fact that their buffer overflow code auditor was originally released with a buffer overflow vulernability is another matter).

--"It also features an auto-update feature,"

Yeah, I know you and MS like to push this feature, but there's a problem. Like I mentioned above, the original patch broke some things. It's not the first time a MS patch has done that. Anyone running anything mission critical simply can not afford to have their software automatically upgraded.

Wraith
"It had three holes and I really wanted one."
-- Keitaro ("Love Hina")

[XarXo]

MMm, I'm using WinMX for three days (all time computer turn on) and I registered 16 failed intrusions in my firewall, is VERY high compared to the classical 2 or 3 per day!!! It happened in sunday at morning (CET).

10 of these attacks were on my 1434 port, my computer hasn't Ms SQL, but this shows me that some computers that do random IP chekings (like the classical Ad text that appears like a messenger note by the messaging system of the net command that have the NT/XP os) have been infected.


--/--

BTW, WinMX is great for private file transfers, just add the other to hotlist and put queues and other to 1 and is perfect!!

--/--

[Wraith]

A couple new notes on this.

First, an Inquirer article about how to apply the patch.

Second, a note that this vulnerability appears in other products than just MS SQL. I've seen mention of Visio 2000 and MSDE, the desktop edition of SQL. The real problem with this is that there are probably a lot of people out there who have some version of SQL installed and don't know about it. MS programs like to silently bundle stuff like this. There are also reports on Bugtraq about MS's tools misidentifying SQL patch levels.

Still, no excuses for the corporate IT guys. There's no reason to allow SQL traffic through the firewall in the first place (not without it being VPNed anyway). But that won't help the home users who don't know they're running it in the first place.

Wraith
"Computer /nm./: a device designed to speed and automate errors."
-- From the Jargon File.

[Panag]

There seems to have been a slight problem with the database. Please try again by pressing the refresh button in your browser.

We apologise for the inconvenience.


Database error in vBulletin: Link-ID == false, connect failed
mysql error: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2)
mysql error number: 2002
Date: Monday 27th of January 2003 03:50:27 PM
Script: /forums/newreply.php?s=&action=newreply&postid=1667434
Referer: http://apolyton.net/forums/showthrea...34#post1667434



hi ,

this is new , is it related ?

have a nice day