MicroSoft hit by Slammer
Jerry Feldman
gaf at blu.org
Thu Jan 30 10:16:20 EST 2003
On Thu, 30 Jan 2003 09:50:20 -0500 (EST)
David Roberts <droberts at mc.com> wrote:
> I have heard multiple times on this group how it is
> the failure of people to keep on top of updates
> which opens the door to attacks, but I read an
> article this morning on how MicroSoft failed to do
> so and was also attacked by Slammer.
Part of the problem in keeping up to date is that there is a bit of work
involved. On the high end, if you were running a big server, you would
need to bring it down to install the updates. For Windows systems this
may be a longer process than Unix systems. With Unix and Linux, you can
install the update, stop the service (eg. Apache), and restart it. Or
you can even test it on the same server on a different port. Essentially
the only thing that would require a reboot would be a kernel upgrade or
/sbin/init. Virtually everything else can be installed on a running
system. (The C runtime library is a bit tricky). With a Microsoft
Server, you generally cannot upgrade core components without first
taking them down, although the famous frequent reboots are no longer
necessary if the team knows what they are doing.
But even so, in any environment, you would need to shut down some
service. This tends to be mitigated in a multi-server clustered
environment.
The SQL Slammer only affected Microsoft SQL Servers, but in general,
many low end users (home or corporate) don't understand the update
process. And, I maintain that many system managment people are under
qualified, or over worked.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://mail.gnhlug.org/mailman/private/gnhlug-discuss/attachments/20030130/67c9d409/attachment.bin
More information about the gnhlug-discuss
mailing list