# On the mySQL worm



## Elfan (Jan 25, 2003)

Wasn't a patch to fix this vulnerability released in May of last year?


----------



## Bob Hubbard (Jan 25, 2003)

From ABC 





> The virus-like attack, which began about 12:30 a.m. EST, sought out vulnerable computers on the Internet to infect using a known flaw in popular database software from Microsoft Corp. called "SQL Server 2000." The attacking software was scanning for victim computers so randomly and so aggressively, sending out thousands of probes a second, that it saturated many Internet data pipelines.
> 
> Most home users did not need to take any protective measures.



Its not MYSQL, but Micro$oft.  


> The attack sought to exploit a software flaw discovered by researchers in July 2002 that permits hackers to seize control of corporate database servers. Microsoft deemed the flaw to be critical and offered a free repairing patch, but it was impossible to know how many computer administrators applied the fix.



Basically, there are so many bugs and holes in MS stuff that most admins don't bother, especially since many of their service packs either have had poor track records, or have changed the TOS to more MS friendly ones.  The other thing is, most of the admins I know are stretched soo thin right now due to staffing and budget cuts, that they simply can't keep up.

We're safe, we run MYSQL and it is up to date and fully patched.   (See guys n gals, thats why I never sleep....hehehe)


----------



## Cthulhu (Jan 26, 2003)

MicroSsoft (MacroSuck) software is usually one big gaping security hole with a vague application written around it.  I'd use Linux for my OS if it was feasible and I *refuse* to run IE, Office, or Outlook.

Cthulhu


----------



## Elfan (Jan 27, 2003)

Woops sorry my bad should have frazed that better.  Didn't mean to imply it was a mySQL issue but a MS one.

Supose you use all Apache and other not MS programs for your server then?


Cthulhu, what do you use instead of MS Office? Open Office?


----------



## Bob Hubbard (Jan 27, 2003)

MT is on a RedHat linux box, running apache, mysql, php etc. 
I use Win 2000 (as XP is soooo much crap), and Dreamweaver for the development side.  I'd switch totally to Linux, but the 3 apps I need most are not native there...Mac is starting to look good again.  heh.

I spent 3 years as an NT network admin....its a royal pain keeping up with all the service packs, patches, etc, especially in a small (see 1 man) IS dept. 

I think Wordperfects got a decent office suite, but I'm going on 3rd hand info.  Havent used it myself.

:asian:


----------



## Cthulhu (Jan 27, 2003)

I've used WordPerfect since its first Windows release, back when it was published by Novell and not Corel.  Never had an MS Office app on any of my systems.

The only downside to using WordPerfect is that too many people are brainwashed into using Office products, so there are often issues with file formats.

Cthulhu


----------



## arnisador (Jan 27, 2003)

Am I the only one thinking of this (parody) song?


----------



## Cthulhu (Jan 28, 2003)

> _Originally posted by arnisador _
> *Am I the only one thinking of this (parody) song? *



Yes, you are.

You weirdo.

Cthulhu


----------

