Client Login 
Community 
Contact Us 
LinkBack URL
About LinkBacksThere is a new worm attacking MySql servers and it is spreading rapidly.
ZD Net Article
Welcome to the JaguarPC Community
Results 1 to 4 of 4
This is a discussion on MySql Worm in the Open Discussion & Chit-chat forum
There is a new worm attacking MySql servers and it is spreading rapidly.
ZD Net Article ...
-
01-28-2005, 08:17 AM #1Old Hillbilly
- Join Date
- Sep 2001
- Location
- Hills of Missouri
- Posts
- 2,646
MySql Worm
Forum Moderators - Jag Staff
Spam Whackers Blog - Dedicated to fighting Spam and providing General SEO Tips
Organize your Kitchen or purchase Kitchen Accessories at Condells
Ihelpyou Forum - Dedicated to "Best Practices" SEO
-
01-28-2005, 09:27 AM #2Old Hillbilly
- Join Date
- Sep 2001
- Location
- Hills of Missouri
- Posts
- 2,646
Here is some additonal infor from the MySql website.
<snipet>The UDF Worm is self-propagating code that is finding MySQL servers running on Microsoft Windows with poor firewall and password security.</snipet>
Article
Forum Moderators - Jag Staff
Spam Whackers Blog - Dedicated to fighting Spam and providing General SEO Tips
Organize your Kitchen or purchase Kitchen Accessories at Condells
Ihelpyou Forum - Dedicated to "Best Practices" SEO
-
01-28-2005, 10:18 AM #3|| $name ne 'R.Stiltskin'
- Join Date
- Jun 2003
- Location
- Tejas
- Posts
- 2,438
clssam,
In the same article there was a link to another security concern re search engines and their intrusions (a nice tie-in to your Google post).
Search engine crawlers dig up way too much
Paul Festa, CNET News.com
GameSpot Europe
November 26, 2001, 15:41 GMT
The charge:
The countercharge:"Webmasters should know how to protect their files before they even start writing a Web site," wrote James Reno, chief executive of Amelia, Ohio-based ByteHosting Internet Services . "Standard Apache Password Protection handles most of the search engine problems -- search engines can't crack it. Pretty much all that it does is use standard HTTP/1.0 Basic Authentication and checks the username based on the password stored in a MySQL Database."
I find myself on the side of the counterchargers in this. I liken this to attacking the argument that: "Well, you are responsible for the thief that came in to your house because you didn't lock it well enough." That is called shifting blame and doesn't sit well with me. Google is probably serious enough that they will address these concerns; however, others that copy their technology or employees that leave said company and reuse such technology may not have the scruples to contain the tools at their disposal. Since money typically trumps ethics, all webmasters and their hosts must work that much harder to protect themselves."We have a problem, and that is that people don't design software to behave itself," said Gary McGraw, chief technology officer of software risk-management company Cigital, and author of a new book on writing secure software.
"The guys at Google thought, 'How cool that we can offer this to our users' without thinking about security. If you want to do this right, you have to think about security from the beginning and have a very solid approach to software design and software development that is based on what bad guys might possibly do to cause your program grief."
Gee, like I didn't have enough to worry about.
-
01-28-2005, 10:27 AM #4Old Hillbilly
- Join Date
- Sep 2001
- Location
- Hills of Missouri
- Posts
- 2,646
Now it seems we have one more.Gee, like I didn't have enough to worry about.
Forum Moderators - Jag Staff
Spam Whackers Blog - Dedicated to fighting Spam and providing General SEO Tips
Organize your Kitchen or purchase Kitchen Accessories at Condells
Ihelpyou Forum - Dedicated to "Best Practices" SEO
Reply With Quote
Posting Permissions
Get Social:
Copyright © 2011 JaguarPC.com
Bookmarks