RE: [ISN] Crackers steal 52,000 university passwords

From: InfoSec News (isnat_private)
Date: Tue Nov 19 2002 - 06:31:50 PST

  • Next message: InfoSec News: "[ISN] Exclusive: Bin Laden associate warns of cyberattacks"

    Forwarded from: "Kelley, Brian" <BKelleyat_private>
    > Laukholm said the university was not aware that an SQL-database
    > automatically installs with a Windows 2000 server. This led to the
    > switchboard database not being properly upgraded with security
    > patches.
    Eh? This isn't true at all. Perhaps a SQL Server-type database like
    MSDE or even SQL Server itself installed with the switchboard software
    but not with the OS (at least, not yet). But that would be a different
    matter entirely. The issues with MSDE and its default settings are
    well-documented... sounds like they should be using Chip Andrew's
    SQLPing or eEye's Retina Scanner to look for rogue or unknown SQL
    Servers in their environment.
    ISN is currently hosted by
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Tue Nov 19 2002 - 15:16:32 PST