New Microsoft SQL Server Worm
Ian Bell writes: "A new unnamed worm has been released and, once again, Microsoft software is the target. More specifically, this new worm targets Microsoft SQL servers with no administrator passwords set. Once the server is infected, it logs onto Internet Relay Chat (IRC) servers and is ready to receive commands and act accordingly. Although this can be a fairly malicious worm, it is very unlikely to infect many servers due to the fact that the majority of Microsoft SQL servers have administrator passwords."
Re:Stupid (Score:2, Informative)
Re:default password == blank (Score:3, Informative)
I've done contract development at quite a few places that had publicly exposed sql servers with blank sa passwords.
Re:Astounded (Score:2, Informative)
Thus saying that, with less users using that OS, the less chance of a security problem occurring due to the low usage of Macintoshes as Servers. I am certain there are a lot of undiscovered bugs in Mac OS that we're not aware of, it is only a matter of time before they're found or never found out at all.
IIRC, the last bug or exploit that I have seen involving the Mac OS was an exploit in Microsoft Internet Explorer. That is a third-party issue though.
I feel the urge to move back to Macintosh now, though. OS X looks very purdy.
MSDE doesn't listen to 1433 (Score:3, Informative)
Re:Before you trash Microsoft, (Score:2, Informative)
Actually, Microsoft has created a lot of reluctance amongst more experienced users to keep up to date.
Many service packs have actually broken systems in the past - making people who know what they are doing reluctant to apply a service pack until they are sure that it really works.
Also, many security updates depend on these service packs. In fact, some of Microsoft's own update reporting systems will not see the patches until they are running on an up to date service pack.
It becomes a catch-22 - either way, you are damned (well, you certainly would have been in the past). Maybe Microsoft will not make these sort of errors again. Hmmm, did I just say that?
So, I'm not sure it's totally preventable on MS software.
Comment removed (Score:3, Informative)
Re:MSDE too? (Score:1, Informative)
There's a HUGE security hole in MSDE given that it installs with a blank password and makes it very difficult for administrators to set a password.
There was a nice article about the problem in the German c't magazine. It's not online, but it's c't 20/01 page 44.
(http://www.heise.de/ct/inhverz/search.shtml?T=
Re:MSDE doesn't listen to 1433 (Score:3, Informative)
As for the real SQL Server, I just installed SQL Server 7.0 Developer Edition on a test Win2K Server machine--if I pick custom install, it lets me choose which network libs to install, and by default, Named Pipes is checked (and can't be unchecked), TCP/IP Sockets is checked, and Multi-Protocol is checked. I cancelled that and restarted the setup using all the default/typical settings, and after it was all done, I started the service and it was happily listening on TCP port 1433 with no password on the sa account.
So MSDE and SQL Server default to a couple of protocols; TCP/IP is one of them. You do not have to specifically tell them to listen on TCP/IP.
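An audit for the condition this thread describes (a SQL login, especially sa, with a blank password on an instance reachable over TCP), as an added example that is not part of the original thread. It assumes a current SQL Server release and a sysadmin session; the catalog views it uses were introduced with SQL Server 2005 and do not exist in the 7.0/2000 versions discussed above.

```sql
-- Added example, not from the thread. Run as a sysadmin on your own instance.

-- 1. Is SQL authentication enabled at all?
--    1 = Windows authentication only, 0 = mixed mode (SQL logins such as sa can sign in).
SELECT SERVERPROPERTY('IsIntegratedSecurityOnly') AS windows_auth_only;

-- 2. SQL logins whose password is blank or equal to the login name.
--    PWDCOMPARE hashes the candidate and compares it with the stored hash.
SELECT
    l.name,
    l.is_disabled,                                   -- a disabled login cannot sign in
    l.is_policy_checked,                             -- 0 = Windows password policy not enforced
    IS_SRVROLEMEMBER('sysadmin', l.name) AS is_sysadmin,
    CASE
        WHEN PWDCOMPARE('', l.password_hash) = 1     THEN 'blank password'
        WHEN PWDCOMPARE(l.name, l.password_hash) = 1 THEN 'password equals login name'
    END AS finding
FROM sys.sql_logins AS l
WHERE PWDCOMPARE('', l.password_hash) = 1
   OR PWDCOMPARE(l.name, l.password_hash) = 1
ORDER BY is_sysadmin DESC, l.name;

-- 3. Transports and TCP ports that current sessions arrived on.
--    A row with net_transport = 'TCP' and local_tcp_port = 1433 means the
--    instance is accepting connections on the default port.
SELECT DISTINCT net_transport, local_tcp_port
FROM sys.dm_exec_connections;
```

Any enabled sysadmin login returned by the second query on an instance that the third query shows listening on TCP is the exposure the story describes; set a strong password or disable the login.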