Internet Virus Just Killed AC2...

[Clowns]

...and part of DAoC servers.

Looks like EQ is chugging right along as usual. Gotta hand it to them, the servers ARE relatively stable when compared to these other lame MMORPGS.

[Uber Uberest ~Rathe]

Hold on what? can you elaborate.

[WarderX]

It's a worm. Kileld pricewatch and hardocp also.

[Iannis]

yeah, i remember how stable my server was. luckily it crashed daily for nearly a month straight, so everybody was impressed when it stayed up for more than 48 hours.

they probably just took them down for maintenance.

[WarderX]

Nah, it has nothing to do with anythong on ther side, as far as i know it jsut exploited a crappy (for lack fo a beter word) microsoft INS thing.

[khanibal]

Is there a site you read about this? Sounds like an insteresting read.

[Apokk Berzerk]

There's a new worm out (don't know the name yet) that attacks Mircosuck's SQL server and broadcasts out like crazy. It's completely crippled my company's VOIP network, as our latency to any destination has skyrocketed to 1500ms which is garbage for voice. I had heard that 5 of the 13 root servers went down today, not bad hehe.

I don't think this superbowl weekend is going to go well as far as Voice traffic is concerned.

Worldcom seems to be mostly affected. My guess Is that SoE doesn't use worldcom.

[WarderX]

Quote:

worm more preciesly.

From what I understand it was a amssive attack using an exploit in Microsoft SQl Server which resulted in servers pinging each other in infinite loops. Someone else said it took out 8 out of the 13 root DNS servers.

[Apokk Berzerk]

what I wanna know is, who the hell still uses MS software in the enterprise? blah what a waste.

At least monday morning all I have to do is wait for all the suckers to patch their windows systems while I browse EQ sites, ahh the irony.

[Araxen]

DAOC servers haven't gone down. No clue what you're talking..

[Iannis]

Oh, saw it on the news.

Heh, ATMs of a certain bank going down. Think that beats AC2 going down.

[elty]

http://news.com.com/2100-1001-982131.html?tag=fd_top
http://www.cnn.com/2003/TECH/interne...ack/index.html
http://www.microsoft.com/technet/tre...ts/slammer.asp
So it is discovered July 24, 2002 and fix is available on October 16, 2002.

[khanibal]

Quote:

So it is discovered July 24, 2002 and fix is available on October 16, 2002.

Does that surprise you?

[Aeka]

Quote:

Originally posted by elty
http://news.com.com/2100-1001-982131.html?tag=fd_top
http://www.cnn.com/2003/TECH/interne...ack/index.html
http://www.microsoft.com/technet/tre...ts/slammer.asp
So it is discovered July 24, 2002 and fix is available on October 16, 2002.

Yeah...so it only took 3 months to "fix" it, and little notification that the patch is available. WTG Microsoft! ^_^

Honestly MS still has a big problem with not only security in their product but handling of security issues. Things like this are not PR issues. You are still more likely to get notified about issues from a 3rd party than from MS. When it is acknolwedged by MS they are rather vague and hand waving about the contents of the patch (its good to know what is being fixed so you can test it...why take MS's word they fixed it right?). MS came up with this good little automatic update tool...which only a small portion of their products use.

The biggest sin of all is that there still appears to be NO list of patches for any of their products. No information on what patch is realivant to what. No idea what order to do it in. Its is as if MS doesn't want you to know the problems.

It isn't a wonder why people aren't more pissed at MS when this stuff happens. Yeah you can harp on the administrator for not staying on top of the security issues but wow...MS doesn't help anyone do it.

[Requiem]

Quote:

what I wanna know is, who the hell still uses MS software in the enterprise? blah what a waste.

Actually, Microsoft Windows 2000 Advanced Server/Datacenter and Microsoft SQL server have the best performance and scalability by quite a large margin on the same hardware when applied to the enterprise scope of tasks than any other combination of os/db software. They also happen to be the least expensive to liscence, operate, and develop for on that scale, and are used on in excess of 60% of all enterprise servers in operation today. Do me a favor and save your ignorant arguing for me until after you have gone and checked out http://www.tpc.org/

The only reason you hear about all of these widespead security issues is because no one bothers to fuck with anything else; And if they do, it's not a big enough deal to become news to the general public. If you were going to write a virus that you wanted to fuck the whole internet up with like code red or this one, would you write it for an operating system with less than 10% representation on the entire net, and basically zero representation on major enterprise servers playing the role of routers? Of course you wouldn't. The same goes for pretty much any virus that becomes "famous." Would the DC sniper dude be famous if he had shot one guy? You wouldn't have even heard about it unless maybe you lived there. Use your fucking peanuts. You think *nix doesn't have security issues? There was a LONGSTANDING bug where you could just specify an alternate shell using vi of all things and get root access on any server you could use a shell on. How's that for a security issue? There's all kinds of exploitable things on every single operating system and server software of any sort be it database, http, whatever. You just don't hear about it because it doesn't make the national news. Every single dumbass sitting here talking shit about Microsoft and their aweful products aparently is proclaiming to be an expert on internet security, when really they probably don't even know what sites you would look for new bugs and exploits for all platforms on. Know before you speak.