Jochem,

It would seem that having a local university private subnet would be a 
good solution... and also this would cut down on people running 
unauthorized servers...

On the router side or NAT you could do port translation and make things 
further "buried"...

In our environments, to eliminate this sort of problem, we issue a dual 
IP... the private IP range, say 192.168.1.xxx or one of the other 3 
permissible private ranges, goes along to the user along with their 
public IP...

Any app server needing to talk to the database must do so on the local 
IP segment, otherwise it won't work...

I understand that the approach has complexity issues when dealing with 
fluid usage like your own... The approach does solve a few problems 
when perfected... It makes your databases and other key assets 
non-accessible publicly... requiring someone to log in securely to a 
public box to access the private resource...


Paris Lundis
Founder
Areaindex, L.L.C.
http://www.areaindex.com
http://www.pubcrawler.com
412-292-3135
[finding the future in the past, passing the future in the present]
[connecting people, places and things]
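The "dual IP" arrangement above only protects the database if something actually refuses traffic that does not arrive over the private segment; a second address on the box enforces nothing by itself. The script below is an added example, not code from the original post or from Areaindex: it assumes a private segment of 192.168.1.0/24 and a database host at 192.168.1.10 (both made up here), and shows a pure-shell CIDR check that decides whether a given source address is on that segment, plus the Linux iptables rules that would implement the "otherwise it won't work" policy for MS SQL Server (1433/tcp for the service, 1434/udp for the SQL Server Resolution Service that the worm of the time targeted).

```shell
#!/bin/sh
# Added example, not from the original post. Assumed values:
PRIV_NET="192.168.1.0/24"   # assumed private app/DB segment
DB_PRIV_IP="192.168.1.10"   # assumed private address of the DB host

# ip_to_int A.B.C.D -> 32-bit integer (pure POSIX sh, no external tools)
ip_to_int() {
  old_ifs=$IFS; IFS=.
  set -- $1
  IFS=$old_ifs
  echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# in_cidr IP NET/BITS -> exit 0 if IP lies inside NET/BITS, 1 otherwise
in_cidr() {
  ip=$1; net=${2%/*}; bits=${2#*/}
  # build the netmask; a /0 matches everything, so its mask is 0
  mask=$(( bits == 0 ? 0 : (4294967295 << (32 - bits)) & 4294967295 ))
  [ $(( $(ip_to_int "$ip") & mask )) -eq $(( $(ip_to_int "$net") & mask )) ]
}

# db_allowed SRC_IP -> prints "allow" if the client is on the private
# segment and may reach the database, "deny" for anything else (public
# addresses, other private ranges, the wrong subnet)
db_allowed() {
  if in_cidr "$1" "$PRIV_NET"; then echo allow; else echo deny; fi
}

# db_rules -> iptables rules for the database host: accept SQL Server
# traffic only from the private segment to the private address, drop
# the rest (including anything aimed at the box's public address).
# Printed rather than executed so the policy can be reviewed first.
db_rules() {
  cat <<EOF
iptables -A INPUT -p tcp --dport 1433 -s $PRIV_NET -d $DB_PRIV_IP -j ACCEPT
iptables -A INPUT -p udp --dport 1434 -s $PRIV_NET -d $DB_PRIV_IP -j ACCEPT
iptables -A INPUT -p tcp --dport 1433 -j DROP
iptables -A INPUT -p udp --dport 1434 -j DROP
EOF
}

# Usage: check a few constructed client addresses, then print the rules
db_allowed 192.168.1.57    # allow: app server on the private segment
db_allowed 192.168.2.57    # deny: adjacent private subnet
db_allowed 130.37.42.9     # deny: public campus address
db_rules
```

The rules are ordered so that the explicit private-segment accepts come before the catch-all drops; on a host that also carries a public address this is what turns "must use the local segment" from a convention into something the worm's scan actually hits. Bind the SQL Server instance to the private address as well, so a mistake in the filter does not silently expose the public listener.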


-----Original Message-----
From: Jochem van Dieten <[EMAIL PROTECTED]>
Date: Sun, 26 Jan 2003 13:58:10 +0100
Subject: Re: SQL Worm

> Paris Lundis wrote:
> > 
> > God forgive any Schmoe who runs their SQL server on a direct net 
> > connected box ...
> 
> Sometimes you have little choice. If your university has 3 /16's and 
> people have mobile workplaces with IP addresses from all over them, 
> leaving all 3 /16's open to the server is pretty much your only choice. 
> Then throw in a few CS students [1] running unpatched MS SQL Server 
> installs in their dorms within those 3 /16's and suddenly the vector is 
> inside your own network.
> You don't always have as much control over your network as you would 
> like.
> 
> Jochem
> 
> [1] Amazingly enough all MS SQL Servers here that were run by non-CS 
> students were properly secured (or at least didn't show any confirmed
> infections).
> 
> 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4