North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Level3 routing issues?

  • From: Stephen Milton
  • Date: Sun Jan 26 15:00:11 2003

It is entirely possible that my customer was referring to 2K-SP3.  I
am glad to hear some positive _tested_ results on SQLSP3 with the new
worm.

-Steve

On Sat, Jan 25, 2003 at 06:43:56PM -0500, Dave Stewart eloquently stated:
> 
> At 05:10 PM 1/25/2003, you wrote:
> 
> >We have had multiple customers who had SP3 on their boxes that were
> >hit.  SP3 was _supposed_ to include this patch, there is no
> >verification so far that it did.
> >
> >Since all the providers have been blocking the attack spread from the
> >routers, installing SP3 on boxes post-attack hasn't really been put to
> >the test yet.
> >
> >YMMV
> 
> Not extensive testing, no... but again...
> 
> SQL Server 2000 SP3 is not the same animal as Windows 2000 SP3.
> 
> And after installing SQL Server 2000 SP3, I opened up the router to allow 
> all the 1434 traffic that came in... the box was hit on numerous occasions 
> over the next hour or so, and never did it get infected again.
> 
> SQL Server 2000 SP3 was just released on 1/17/2003... while the patch for 
> this vulnerability has been out since last July (and yes, I'm guilty of not 
> following it closely enough myself... no excuses)

-- 
Stephen Milton - Vice President                (425) 881-8769 x102
ISOMEDIA.COM - Premium Internet Services        (425) 869-9437 Fax
milton@isomedia.com                        http://www.isomedia.com