SQL Slammer Worm

The worm's progress through the network was monitored by the Internet Storm Centre.

The surprising issue for me was the fact that it gained a foothold at all. The exploit is documented as using port 1434, so I ask myself: how did any UDP packet destined for port 1434 get from the Internet to anyone's server?

I can only believe that there are some very poorly implemented firewalls out there. Or, and this may be more scary, the architecture of many systems in use on the Internet is so flawed that we are putting many systems at risk unnecessarily.

I guess it's a mixture of things; indeed, we all know there are many systems that are without any firewalls and are unprotected. These range from large corporate systems and web hosting farms to single users on cable/DSL connections. With the prevalence of the SQL engine, which exists in many products and not just Microsoft's SQL 2000, some unsuspecting or unknowing users are bound to be hit.

However, that's no real excuse for the remainder of us in the IT profession; we have to be seen to be bringing our knowledge and experience to the industry and to those industries we serve. I don't believe it's just a patch problem exacerbated by overstretched and underfunded systems administrators.

(Figure: graph of worm spread)

Relying on point fixes, patches and service releases is no longer sufficient. A layered approach to security is what's required, and a radical re-think of the fundamental architectures we're deploying is a mandatory part of that process.
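The two points above, how an inbound UDP/1434 packet could reach a server at all and why a layered, default-deny design matters, can be made concrete with a small simulation. The following is an added example and not code from the original post: a minimal first-match packet-filter evaluator run against two constructed rule sets (a "poorly implemented" perimeter with a catch-all UDP allow, and a default-deny perimeter that exposes only the published services), followed by a scan of constructed netfilter-style log lines that tallies inbound UDP/1434 hits per source. The rule sets, addresses, log format and the `Packet`/`Rule` helpers are all assumptions made for the example.

```python
"""Added example (not from the original post): a minimal packet-filter
policy evaluator plus a log scan for inbound UDP/1434, the port the
Slammer traffic used.  Rule sets, addresses and log lines are constructed."""
from collections import Counter
from dataclasses import dataclass
from typing import List, Optional
import re


@dataclass(frozen=True)
class Packet:
    direction: str      # "in" or "out" relative to the protected network
    proto: str          # "tcp" or "udp"
    dst_port: int


@dataclass(frozen=True)
class Rule:
    action: str         # "allow" or "deny"
    direction: str      # "in", "out" or "any"
    proto: str          # "tcp", "udp" or "any"
    dst_port: Optional[int]   # None matches every destination port

    def matches(self, pkt: Packet) -> bool:
        return (self.direction in ("any", pkt.direction)
                and self.proto in ("any", pkt.proto)
                and (self.dst_port is None or self.dst_port == pkt.dst_port))


def evaluate(rules: List[Rule], pkt: Packet, default: str = "deny") -> str:
    """First matching rule wins; if nothing matches, the stated default applies."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return default


# Constructed "poorly implemented" perimeter: a catch-all UDP allow (the kind
# of rule added to make DNS or NTP work) lets UDP/1434 straight through,
# even though the base policy is deny.
PERMISSIVE = [
    Rule("allow", "in", "tcp", 80),
    Rule("allow", "any", "udp", None),
]

# Constructed default-deny perimeter: only the services the site actually
# publishes are reachable from the Internet.  Database ports are never
# exposed, so the worm's packet has no path in regardless of patch state.
DEFAULT_DENY = [
    Rule("allow", "in", "tcp", 80),
    Rule("allow", "in", "tcp", 443),
    Rule("allow", "out", "udp", 53),
    Rule("deny", "any", "any", None),
]

SLAMMER_PROBE = Packet("in", "udp", 1434)

# Detection side: tally inbound UDP/1434 hits per source from firewall logs
# so the noisiest sources can be found quickly.
LOG_RE = re.compile(r"SRC=(\S+) .*PROTO=(\w+) .*DPT=(\d+)")


def udp1434_sources(log_lines: List[str]) -> Counter:
    """Return a Counter of source addresses seen sending inbound UDP/1434."""
    hits: Counter = Counter()
    for line in log_lines:
        m = LOG_RE.search(line)
        if m and m.group(2).lower() == "udp" and int(m.group(3)) == 1434:
            hits[m.group(1)] += 1
    return hits


# Constructed log lines in a netfilter-like format (not real captures).
SAMPLE_LOG = [
    "IN=eth0 SRC=203.0.113.7 DST=198.51.100.5 PROTO=UDP SPT=1037 DPT=1434 LEN=404",
    "IN=eth0 SRC=203.0.113.7 DST=198.51.100.6 PROTO=UDP SPT=1037 DPT=1434 LEN=404",
    "IN=eth0 SRC=192.0.2.44 DST=198.51.100.5 PROTO=TCP SPT=51022 DPT=80 LEN=60",
    "IN=eth0 SRC=198.51.100.9 DST=198.51.100.5 PROTO=UDP SPT=9999 DPT=1434 LEN=404",
]

if __name__ == "__main__":
    print("permissive  :", evaluate(PERMISSIVE, SLAMMER_PROBE))     # allow
    print("default-deny:", evaluate(DEFAULT_DENY, SLAMMER_PROBE))   # deny
    print("UDP/1434 sources:", dict(udp1434_sources(SAMPLE_LOG)))
```

The permissive set demonstrates the question asked above: a single broad allow is enough to undo a deny-by-default base policy, which is how a packet for a port nobody meant to publish reaches a server. The default-deny set is the layered view: the filter protects the database port whether or not the host behind it is patched, and the log tally is the second layer, telling you which sources are hammering the port so the exposure can be confirmed and closed.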


copyright © 2003 ecommnet