Sapphire Worm - I don't know about you, but I was pretty much off the net since Friday. This worm, that struck on Saturday (Macromedia had some of its own problems on Friday) left large parts of the net down in an attack that struck at vulnerabilities in MSSQL. Vulnerabilities that had been reported and patched months ago. How many of us are running systems that are exposed to hacks and attacks because we don't read the MS security alerts?
For information on MS Security patches see the MS site at http://www.microsoft.com/security (when it comes back up...).
The larger question is whether servers based on desktop technology can ever really be secure. One of the advantages of Linux and Unix OSs is that they allow you to remove and turn off just about everything you don't want on a machine. You can strip them to the bone and control security better because you don't have to worry about the rest of the things on the Maching. Windows always has a load of things running and more and more it seems that that is the core problem. Maybe it is time for MS to create a "stripable" Windows where you can remove all the components you don't need. In this particular case, it might not have helped, but in general it might be the right way to go.
8:56:16 AM
|
