Slashdot Mirror


New "SQLsnake" Microsoft Worm

sevenn writes "A new worm, targeting the Microsoft SQL daemon, has been sweeping the net. It uses massive scanning, default passwords, exploits against vulnerable versions and even attempts to brute force passwords. Here is the (vague) Microsoft bulletin, the SANS analysis, and a SecurityFocus article." Already over a thousand compromised systems - you're apparently only vulnerable if you run MS SQL, but the worm is causing a substantial spike in traffic to port 1433 on the net.

3 of 316 comments

  1. Stupid admins... tool available by NineNine · · Score: 1, Flamebait

    Stupid fucking admins... there's a tool available for W2K boxes that checks to make sure all security patches have been applied to all server software up to the minute. All you gotta do is run it! It works great. Dumb fuckers.

    http://support.microsoft.com/default.aspx?scid=kb;en-us;Q303215

  2. Re:I switched! by a3d0a3m · · Score: 0, Flamebait

    Compare the number of patches to Apache, Perl, MySQL and Linux to the number of patches for Windows, IIS, and SQL Server in the past year and you will be surprised! A lot more patches on the open source side. Just because you install some free software doesn't mean you don't have to keep up with the patches!

    adam

  3. hush! by Erris · · Score: 1, Flamebait

    Let Sheldon blame the users. Thanks Sheldon, we would not want to blame a poorly designed undocumented bunch of crap on top of an OS without real users and permissions would we? Microsoft fixed all that, didn't they?

    Think about the possibility that holes might be put in firewalls to allow such traffic between corporate sites, that would be another good way to blame the users. That way, every desktop with Access 2000 could be burnt by this. Wow, think of a corporate cluster fuc, functioning that way. Then imagine a cluster of corporations. BARF.

    --
    DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.