Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: management interface accessability (was Re: Worm / UDP1434)

  • From: Chris Lloyd
  • Date: Sun Jan 26 13:39:30 2003

On Sun, Jan 26, 2003 at 12:08:07PM -0600, Rob Thomas wrote:
> Just a point here:  Many road warriors are work-at-home folks who have
> their computers on 24x7.  They may be infected, and will fire up their
> VPN tunnels Monday morning.  This may introduce the worm into the chewy
> center of many corporate networks.  Hopefully folks have put the proper
> filters in place on their VPN access points.

Personally, I think it's unlikely the situation will get worse on Monday
because of people starting work. The first reason is that you can only get
infected if you're running SQL server (or MSDE) at home and someone sends you
one of the special packets. The second reason is that you, if you're infected,
send the packets to random IP addresses, and not only do you have to randomly
choose an address on the corporate LAN, but it has to be a machine running
SQL server. To my mind the probability of all these things being the case
is microscopic!

 - Chris

--
strawberry@toth.org.uk
http://www.toth.org.uk/~strawberry




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.