Note: This column represents the opinions
of the writer and as such, is not purported as fact
Sponsor's Message
|
Despite the squillions of dollars that Microsoft claims to have spent beefing
up the security of its software, it took just 376 bytes of malicious code
to cripple thousands of MS SQL servers this weekend and severely slow down
the passage of legitimate traffic across the Internet.
The tiny computer worm, known as SQL Slammer, was able to wreak massive havoc
thanks to a bug in Microsoft's code -- but Billy's boys are perhaps not
the only ones to blame this time.
An advisory and patch
for the security hole was released by Microsoft some six months ago yet
a huge number of "at risk" systems had still not been updated by the time the
worm hit on Saturday.
Check Out The Aardvark PC-Based Digital
Entertainment Centre Project
Updated 2-Dec-2002
Countering suggestions that the problem was primarily one of poor systems
administration, a number of admins have complained that, unlike regular Windows
patches, the SQL fix for this hole was just too awkward, time consuming and
complex to install.
At one stage, the amount of traffic generated by the worm was so great that
almost half of the Internet's root nameservers were effectively rendered
unreachable.
Most of the major Internet backbones around the USA were also so overwhelmed
that a large amount of geniune data traffic was being lost. This resulted in
some sites becoming unreachable, email being delayed and most other online
activities being significantly slowed.
No doubt many system administrators were working overtime on the weekend
in an attempt to patch the vulnerabilities that may have been present in
their systems or at least close the relevant ports on their firewalls --
better late than never I guess.
But what can be done to prevent a repeat of this work attack?
With Microsoft and other vendors still churning out buggy code, and many
administrators taking far too long to install the related patches,
even a relatively untalented cracker can potentially knock up a worm which has the
potential to really impact the performance of the Net.
Fortunately, the designer of this worm and, that of its most famous predecessor
"Code Red" have not been particularly intelligent. I shudder to think of the
results if (or should I say *when*) a really smart cracker decides to exploit
one of these vulnerabilities.
How long, in these days of "Cyber-terrorism", before a bunch of
crackers with an anti-Western ideology do the job properly and really
bring the Net to its knees?
Do you think I'm joking? After all, apart from annoying some Internet-addicts,
what real harm could such a worm do?
Well it's worth noting that this weekend's attack effectively disabled a number
of bank ATMs in the USA and completely knocked out South Korea's Internet infrastructure.
Experts attribute S.Korea's problems to the widespread use of broadband and the
high number of poorly configured servers.
The fault may have been mainly due to bad systems administration procedures
but if Microsoft had not created buggy code in the first place, neither this
latest worm nor Code Red could ever have even gotten off the ground.
Come on Bill -- instead of just paying lipservice to "Trustworthy Computing",
why not stop piddling around with distractions such as Digital Rights Management or
audio CD copy protection schemes and do what you promised! Remember that pledge
to put -- "security ahead of new features".
Yes, You Can Donate
Although the very kind folks at iHug continue to generously sponsor the
publication of Aardvark, the bills still exceed the income by a fairly
significant amount. It is with this in mind therefore that I'm once
again soliciting donations from anyone who feels they're getting some
value from this daily column and news index. I've gone the PayPal
way of accepting donations because the time involved in processing a bunch
of little credit-card billings sometimes exceeds the monetary value they
represent. Just click on the button to donate whatever you can afford.
NOTE: PayPal bills in US dollars so don't accidentally donate twice
what you were intending :-)
Contacting Aardvark
As always, readers are invited to submit their comments on material covered
in this column. If you'd like your comments published here then please
be sure to use this form and select For Publication.
Other media organisations seeking more information or republication rights
are also invited to contact me.
Add Aardvark To Your Own Website!
Got a moment? Want a little extra fresh content for your own website or
page?
Just add a
couple of lines of JavaScript
to your pages and you can get
a free summary of Aardvark's daily commentary -- automatically updated
each and every week-day.
Aardvark also makes a summary of this daily column available via XML using
the RSS format. More details can be found
here.
Contact me if you decide to use either of these feeds and
have any problems.
Linking Policy
Want to link to this site? Check out Aardvark's
Linking Policy.
|
Did you tell someone else about Aardvark today? If not then do it
now!
|
|
| 
= open in new window