|
BugTraq
Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Jan 25 2003 11:17AM Umit Tiric (umitt softcom biz) (1 replies) Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Jan 25 2003 11:35AM Jay D. Dyson (jdyson treachery net) (1 replies) RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Jan 25 2003 09:40PM Jason Coombs (jasonc science org) (4 replies) Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Jan 25 2003 11:59PM Charles Miller (cmiller pastiche org) RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Jan 25 2003 11:12PM Jay D. Dyson (jdyson treachery net) RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Jan 25 2003 11:11PM Richard M. Smith (rms computerbytesman com) (1 replies) RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Jan 26 2003 01:08AM Brian McGrogan (brian encinc com) (2 replies) Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Jan 26 2003 12:48AM Andrew Emerson (westy vividhosting com) Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Jan 26 2003 12:46AM peloy chapus net (Eloy A Paris) |
|
Privacy Statement |
> As of now we don't know who wrote the worm, but we do know that it looks
> like a concept worm with no malicious payload.
The payload may not have been malicious to the host, but this does
not imply a lack of malice. It certainly caused, and is causeing
a large ammount of grief in the network sense.
Given the steps taken to randomise the target IP address, it is
highly likely that this worm was targetted at networks, not hosts.
> There is a good argument to be made in favor of such worms.
I'm afraid that your argument doesnt hold up to scrutiny. There is no
logical reason why the rest of the non MS-SQL using world being
affected by an MS-SQL bug (and an inadequecy on the part of MS-SQL
admins) should be a good thing.
If the worm had a malicious (in your terms) payload, it would have
caused networks just as many problems (so no gain there), and more harm
to MS-SQL users. Using your logic, surely this much more damaging
experience would have cause MS-SQL admins to be more responsible in
keeping up to date ? Or rather, more fearful of future exploits.
As it is, MS-SQL admins may feel that since this bug did not affect
them in any serious way (if you can follow that certain line of
thought), they may assume the same thing about future exploits.
When viewed from that perspective, this exploit is as malicious as
possible to general internet infrastructure. Benign to the people who
can do something about it, malicious to those who cannot.
--
colmmacc at redbrick.dcu.ie
[ reply ]