Slammer Worm

I read something earlier (can’t find the link now) that indicated the SQL Slammer worm’s effect on Europe wasn’t as widespread as it was in other parts of the world. It would be interesting to see what the Windows Server market share is in Europe compared to other places around the globe.

I also read this:

…The flaw was known and the patch was readily available so there are no excuses for the victims.

What exactly do they mean by victims? I’m assuming it’s directed at System Admins, but it seems like they weren’t the only victims. In my opinion the guy that couldn’t use the ATM was a victim. I was a victim in the sense that no one could access my Linux servers because my ISP was out of service due to all the garbage coming from the MSSQL servers. Neither I nor the guy at the ATM had any way of preventing this from affecting us, which is what the quote seems to imply.

I’m also a little miffed at the implication that this was solely the result of System Administrators (notice the quote came from a Microsoft-affiliated organization). As a Sys Admin myself I’m perfectly willing to accept it’s our responsibility to keep systems patched and up to date. Considering the patch has been published for 6 months, I’ll agree most of the blame should rest with lazy Sys Admins, understaffed IT departments, etc., but I don’t think that completely absolves Microsoft from providing systems that aren’t riddled with security holes. Keep in mind the last major internet attacks (SQL Slammer, Code Red, and Nimda) were results of Microsoft security flaws.
