North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Level3 routing issues?
On Sat, 25 Jan 2003, Avleen Vig wrote: > > On Sat, Jan 25, 2003 at 12:20:41PM -0500, C. Jon Larsen wrote: > > > > On Sat, 25 Jan 2003, Avleen Vig wrote: > > > > [snip] > > > > > Let's not blame MS for admins who don't know how to secure their boxes > > > :-) > > > A patch was released mid-2002 and was also part of SQL Server SP3 > > > > Would it not also be a good idea/practice *not* to ever let a MS SQL > > server (or *any* database server) sit on a network that is directly > > accessible from the internet ? Having a firewall(s) in front of your > > database server regardless of the type is pretty much common sense, right? > > > > Its bad enough to be stuck having to run/support IIS and MSSQL in any > > scenario, but letting MSSQL talk to the world just seems like asking for > > even more trouble. > > I agree absolutely. This is just bad practice and the network admins > here need to re-think their security architecture. I've not looked at any great detail into the exact sources but of the few I looked at earlier I was surprised to find them on ADSL .. these may be corporate networks this is the bit I dont know but some of them seemed to be residential, weird! Steve
|