Pricewatch down?

[Mercutio]

I know there's an enormous worm that's hitting MSSQL servers hard right now, so perhaps this is related. Still, has anyone been able to get to pricewatch in the last couple of days?

 

[Fushigi]

I was at pricewatch yesterday and didn't have any problems. I don't generally care for the vendor selection and the UI at pricewatch and prefer pricescan and pricegrabber.

- Fushigi

 

[Groltz]

I used Pricewatch earlier today with no problems. They are down for me at the moment as well.

 

[jtr1962]

They've been down for me all day as well. Yesterday, SR was down for a while, and then SF not too long after. I also had some problems with train-sim.com and uktrainsim.com. The denial of service or whatever it is seems to be making the rounds.

 

[Mercutio]

There's a MAJOR internet worm at the moment. It's primarily attacking MSSQL, but apparently, the traffic increases have effectively killed UUNet and taken down several of the "." DNS servers.

Speculation is that it is possibly cyberwarfare. I wouldn't think there's much interest in the script kiddie community in rootkit-ing MSSQL.

 

[Mercutio]

Also, one of the odd side-effects of the worm is that it has taken much of South Korea offline, resulting in a decrease in spam for much of the rest of the internet.

 

[Pradeep]

Yup only two spam for me this morning.

 

[Pradeep]

There's a MAJOR internet worm at the moment. It's primarily attacking MSSQL, but apparently, the traffic increases have effectively killed UUNet and taken down several of the "." DNS servers.

Speculation is that it is possibly cyberwarfare. I wouldn't think there's much interest in the script kiddie community in rootkit-ing MSSQL.

I would think that if it is cyberwarfare then the worm would attempt to delete or modify the data. It looks like the major problem is just the amount of traffic being generated. If people had patched the 6 month old vulnerability it wouldn't have been a problem.

 

[Fushigi]

If people had patched the 6 month old vulnerability it wouldn't have been a problem.

Not to mention that in a proper environment SQL Server is never needed outside a firewall; the SQL Server ports should be closed off. That is one of the common mistakes that companies make when setting up an environment. They fail to properly analyze which services are truly needed beyond the firewall and/or improperly implement the firewall rules.

Typically, HTTP, HTTPS, VPN, SMTP, POP3, and prehaps FTP are all the IP services that need access. And even those should, by firewall rules, be restricted to only talk to the actual servers involved. Ditto for any special requirements.

The only reason for SQL Server to be visible to the net is if the company is allowing a customer/partner to query one of their databases. But this is rare; a web front-end to a query engine is more common. Or a VPN should be established between the companies so the data is secured and SQL Server is not accessible to the net in general.

- Fushigi