[thelist] MSSQL Worm
Garrett Coakley
garrett at polytechnic.co.uk
Wed May 22 10:10:01 CDT 2002
Thought I'd post this here as I know we have quite a few developers using
MSSQL:
>From http://online.securityfocus.com/news/429
--
A mounting trail of evidence has security experts warning that a new
Internet worm targeting Microsoft SQL servers could be on the loose.
Since Monday, a sharp spike in remote probes of TCP port 1433, which
commonly is used by Microsoft's SQL database, has been reported by many
server administrators, according to SecurityFocus, which operates an
incident-reporting system called ARIS.
Officials at the SANS Institute, a computer security education and
analysis organization, also reported today that they have received
"exploit code" that indicates the increase in port 1433 scans may be due
to a self-propagating worm rather than to manual probes by would-be
attackers.
--
More info available at http://www.incidents.org/diary/diary.php?id_6
Might be a good time to check that all your boxes are locked down.
G.
More information about the thelist
mailing list