North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: Level3 routing issues?
- From: Dave Stewart
- Date: Sat Jan 25 20:36:27 2003
At 05:10 PM 1/25/2003, you wrote:
Not extensive testing, no... but again...
We have had multiple customers who had SP3 on their boxes that were
hit. SP3 was _supposed_ to include this patch, there is no
verification so far that it did.
Since all the providers have been blocking the attack spread from the
routers, installing SP3 on boxes post-attack hasn't really been put to
the test yet.
SQL Server 2000 SP3 is not the same animal as Windows 2000 SP3.
And after installing SQL Server 2000 SP3, I opened up the router to allow
all the 1434 traffic that came in... the box was hit on numerous occasions
over the next hour or so, and never did it get infected again.
SQL Server 2000 SP3 was just released on 1/17/2003... while the patch for
this vulnerability has been out since last July (and yes, I'm guilty of not
following it closely enough myself... no excuses)