On September 6, 2001 09:07 am, John Thornton wrote:
> The thing that scares me about codegreen and others like it is the fact
> that it reboots IIS without even warning the network administrator.
> In the real world there are production servers that are running
> 24/7. Just up and rebooting an extremely important service such as
> IIS without letting anyone know is unheard of. For example, the company

Ok... I agree with you up to a point - some systems shouldn't be rebooted during peak times....

> I work for runs a web based product that stores their clients' data
> on SQL servers that is updated by IIS. If my servers just started
> to reboot while clients were using the product, our data integrity
> just went down the toilet and when you are talking about a product
> that is COMPLETELY data driven we have a problem. Now we are talking
> about countless man hours to inspect the databases and possibly
> have to fix the databases that your program just crapped on. DBAs

WHOA! Umm... this program is rebooting the machine, not pulling the plug... Given that this is NT, the random BSOD/HALT would cause you much more problems... but since CodeGreen reboots your server, if your application is at all intelligent, it will catch the NT equivalent of SIGTERM and shut down nicely, without blowing the database... if it doesn't and you are this into litigation, then you should immediately sic your legal team on your application developer.

> are not cheap. My company is going to be mad at me, and pissed at
> you for the money that was lost and having to explain to our clients
> why they were kicked out of our server. Now we are talking about

Ok, now that's about the best justification that you had - the time when the site was unavailable to customers....

However, if you are this pre-occupied with uptime, then two questions:

1) Why are you using NT in the first place? (I know, religious differences, not meant to start a flame war, just a lot of folk simply don't use NT where anything beyond 98.5 uptime is required.)

2) Why didn't you patch already for CodeRed? A CodeGreen-like worm should only "infect" an already infected server that is out there causing damage to other people's machines, thus leaving you open for a lawsuit for negligence; or the whims of any kiddie who wanted to send: yourserver.com/scripts/root.exe+/c+del+/inetpub/wwwroot or whatever would wipe out your "Mission Critical" application - and leave you FAR more behind the eight ball than just a simple reboot.

> a lawsuit. From this point of view, your program is far worse than
> code red. Welcome to corporate America. I know, it sucks.
>
> Don't get me wrong what you are doing is great. I respect it. The
> problem is that there are so many unique ways that IIS is used that
> this whole concept of a (for lack of a better term) white hat worm
> that fixes everything is just a bad idea and in certain cases can
> do more harm than what you are trying to fix. If this goes into the
> wild I would not be shocked at all if someone tries to sue. Just
> something to think about.
>

True, corporate America is more into duck and cover than in actually fixing the problems (most of the time, gross generalization).

I don't know what the solution is - the problem that spawns a CodeRed is beyond just a single source - Vendors are responsible for releasing insecure software (not really fixable, since I don't think that it is possible to have software without at least one bug - but I think that they should default to secure mode on installation, and then warn the user if they want to make the system insecure), Admins are responsible for not doing their jobs properly (there are some rather trivial ways of making sure that your systems are up to date - as someone who has admin'd large server farms of mixed systems with a very small staff, I know this IS possible...)... and I'm not sure what to do about the User level who helps in the propagation out of ignorance....

--
Patrick Patterson                     Tel: (514) 485-0789
Chief Security Architect              Fax: (514) 485-4737
Carillon Information Security Inc.    E-Mail: ppattersonat_private
-----------------------------------------------------------------------
The New Sound of Network Security
http://www.carillonIS.com
This archive was generated by hypermail 2b30 : Fri Sep 07 2001 - 11:18:17 PDT