[55179] in North American Network Operators' Group
Re: Level3 routing issues?
daemon@ATHENA.MIT.EDU (Stephen J. Wilcox)
Sat Jan 25 16:49:13 2003
Date: Sat, 25 Jan 2003 19:43:02 +0000 (GMT)
From: "Stephen J. Wilcox" <steve@telecomplete.co.uk>
To: Avleen Vig <lists-nanog@silverwraith.com>
Cc: "C. Jon Larsen" <jlarsen@richweb.com>,
Bill Woodcock <woody@pch.net>, Mikael Abrahamsson <swmike@swm.pp.se>,
nanog@merit.edu
In-Reply-To: <20030125180357.GV58624@silverwraith.com>
Errors-To: owner-nanog-outgoing@merit.edu
On Sat, 25 Jan 2003, Avleen Vig wrote:
>
> On Sat, Jan 25, 2003 at 12:20:41PM -0500, C. Jon Larsen wrote:
> >
> > On Sat, 25 Jan 2003, Avleen Vig wrote:
> >
> > [snip]
> >
> > > Let's not blame MS for admins who don't know how to secure their boxes
> > > :-)
> > > A patch was released mid-2002 and was also part of SQL Server SP3
> >
> > Would it not also be a good idea/practice *not* to ever let a MS SQL
> > server (or *any* database server) sit on a network that is directly
> > accessible from the internet ? Having a firewall(s) in front of your
> > database server regardless of the type is pretty much common sense, right?
> >
> > Its bad enough to be stuck having to run/support IIS and MSSQL in any
> > scenario, but letting MSSQL talk to the world just seems like asking for
> > even more trouble.
>
> I agree absolutely. This is just bad practice and the network admins
> here need to re-think their security architecture.
I've not looked at any great detail into the exact sources but of the few I
looked at earlier I was surprised to find them on ADSL .. these may be corporate
networks this is the bit I dont know but some of them seemed to be residential,
weird!
Steve
