dancing penguin

home page logo

[Home] [Chess] [Gallery] [Links] [Linux] [Palm] [GPG Key] [eBooks]

Bruno, long time ago

Tue, 28 Jan 2003 SQL Slammer

On Jan 23, 2003, Bill Gates promised better security:
"Microsoft has a responsibility to help its customers address these concerns, so they no longer have to choose between security and usability."

On Jan 25, 2003, two days later, a massive DDOS attack was launched on the Internet, using Microsoft SQL Server flaw, by the SQL Slammer worm.

Up to 20% of the internet traffic was lost in transit, South Korea whole internet services were off, Bank of America teller machines stopped working, etc...

My network received 1200 attacks so far.

Whose fault?

Of course, M$ is not responsible for damages coming from a flaw for which a patch exists for 6 months. Not directly at least. The mistake comes from lazy & ignorant people who manage these systems.
As said in another page of this site, putting a Windows CD into a PC does not make anybody an administrator. Nor getting these funny 5 days MSCE certifications ;-)
This is where M$ is wrong and has responsability, as they go on arguing that "Windows administration is easy, anybody could do it!"

Waooo... At least this was a funny week-end ;-)

[/news/net] | permanent link | Google this