what's amazing are the assumptions that people are making--who says tht BoA servers or any BoA database were comprimised? who says they are even running MS-SQL? Read how the worm is spreading and you will understand that you dont have to be running anything that can be affected by the worm. my guess is that a company with LARGE blocks of routable addresses and probably very high speed connections to the Internet might have bigger problems with this worm which in effect becomes a denial of service attack on their edge devices even if they are filtering out udp 1494 at the edge.
take a look at the post by Ken and observe what is happening to the CPU of one of his router blades..... i definitely agree with your comment about the security con artist comparison the y2k consultants ""l0stbyte"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > the "dumb butts" are allowing access to SQL from public networks. how > difficult is it to filter stuff out? SQL boxes should be on private > networks, no routes to public, second or third tier, etc. Y2K all > over... This time in security business. Bunch of con artists claiming to > be security experts. > > Cheers... > > P.S. There was a news clip that BofA networks were effected. this is scary. > > l0stbyte > Symon Thurlow wrote: > > Cheers, > > > > Symon > > > > -----Original Message----- > > From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] > > Sent: 26 January 2003 20:02 > > To: [EMAIL PROTECTED] > > Subject: UDP port 1434 [7:61891] > > > > > > d tran wrote: > > > >>You wouldn't have to fight the udp 1434 problem had you decided to > >>scrap the shitty MS SQL server, running on crappy Windows machine and > >>replace it > >>MySQL (freeware) or real commercial database products like > >>Oracle, running on > >>Linux platform. > >>Enjoy fighting udp1434. LOL > >>DT > > > > > > I don't think that's true. He could have been a victim of other people > > running Windows SQL Server 2000. From what I understand about the worm, > > it not only repicated itself to other unpatched systems, but it send > > gazillions of packets to random IP addresses to port 1434. Many ISPs and > > companies were affected by it, not just the dumb butts who don't patch > > their systems. > > > > Here, we didn't seem to be affected by it, though. Maybe because I > > didn't check until Saturday afternoon? But no complaints came in. > > > > Are others willing to share their experiences? It could be a good > > learning opportunity. > > > > Anyone have a link to a good technical document about the worm? > > > > Thanks, > > > > Priscilla > > ============================================= > > > > This email has been content filtered and > > subject to spam filtering. If you consider > > this email is unsolicited please forward > > the email to [EMAIL PROTECTED] and > > request that the sender's domain be > > blocked from sending any further emails. > > > > ============================================= Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=61934&t=61891 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]