North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: Level3 routing issues?
- From: Grant A. Kirkwood
- Date: Sat Jan 25 16:18:20 2003
On Saturday 25 January 2003 10:03 am, Avleen Vig wrote:
> On Sat, Jan 25, 2003 at 12:20:41PM -0500, C. Jon Larsen wrote:
> > On Sat, 25 Jan 2003, Avleen Vig wrote:
> > [snip]
> > > Let's not blame MS for admins who don't know how to secure their
> > > boxes
> > >
> > > :-)
> > >
> > > A patch was released mid-2002 and was also part of SQL Server SP3
> > Would it not also be a good idea/practice *not* to ever let a MS SQL
> > server (or *any* database server) sit on a network that is directly
> > accessible from the internet ? Having a firewall(s) in front of your
> > database server regardless of the type is pretty much common sense,
> > right?
> > Its bad enough to be stuck having to run/support IIS and MSSQL in any
> > scenario, but letting MSSQL talk to the world just seems like asking
> > for even more trouble.
> I agree absolutely. This is just bad practice and the network admins
> here need to re-think their security architecture.
Sometimes that's just not an option. We operate a colo facility, and while
we strongly encourage "best practices" customers don't always listen. "My
personal firewall will protect me" etc...
It's just unfortunate when one person's ignorance leads to problems for
other people, as in this case.
Grant A. Kirkwood - grant(at)tnarg.org
Fingerprint = D337 48C4 4D00 232D 3444 1D5D 27F6 055A BF0C 4AED