[55156] in North American Network Operators' Group
Re: Level3 routing issues?
daemon@ATHENA.MIT.EDU (Avleen Vig)
Sat Jan 25 14:32:41 2003
Date: Sat, 25 Jan 2003 10:03:57 -0800
From: Avleen Vig <lists-nanog@silverwraith.com>
To: "C. Jon Larsen" <jlarsen@richweb.com>
Cc: Avleen Vig <lists-nanog@silverwraith.com>,
Bill Woodcock <woody@pch.net>, Mikael Abrahamsson <swmike@swm.pp.se>,
nanog@merit.edu
In-Reply-To: <Pine.LNX.4.44.0301251216340.29489-100000@ford.richweb.com>
Errors-To: owner-nanog-outgoing@merit.edu
On Sat, Jan 25, 2003 at 12:20:41PM -0500, C. Jon Larsen wrote:
>
> On Sat, 25 Jan 2003, Avleen Vig wrote:
>
> [snip]
>
> > Let's not blame MS for admins who don't know how to secure their boxes
> > :-)
> > A patch was released mid-2002 and was also part of SQL Server SP3
>
> Would it not also be a good idea/practice *not* to ever let a MS SQL
> server (or *any* database server) sit on a network that is directly
> accessible from the internet ? Having a firewall(s) in front of your
> database server regardless of the type is pretty much common sense, right?
>
> Its bad enough to be stuck having to run/support IIS and MSSQL in any
> scenario, but letting MSSQL talk to the world just seems like asking for
> even more trouble.
I agree absolutely. This is just bad practice and the network admins
here need to re-think their security architecture.
