[isalist] Re: File Sharing on the internet

• From: "Glenn P. JOHNSTON" <glenn.johnston@xxxxxxxxxxx>
• To: <isalist@xxxxxxxxxxxxx>
• Date: Fri, 14 Jul 2006 23:06:43 +1000

http://www.ISAserver.org
-------------------------------------------------------

Yep. Sending business away is a bad thing, but I had no interesting in
taking sides in a "he said, she said, I thought, you mean what"
exercise.

At first the Company was pissed that after 4 years, I am refusing to get
involved in the stoush with the developer, and I thought the phone call
I made yesterday where I told them "No thanks" was the last I'd hear
from them.. But today, received a call, "Please come and fix this for
us, you know our systems, and we have been happy with your service.
We'll keep it to keeping our systems running, and fixing the problem".
The other stuff is in the hands of our lawyer.

So you never know do you, you just never
know................................


-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of John T (Lists)
Sent: Friday, 14 July 2006 00:49
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: File Sharing on the internet

http://www.ISAserver.org
-------------------------------------------------------
  
Glenn, I am a very small business and would cringe and hate myself for
pushing a client away.

I would run away from this one.

John T
eServices For You

"Seek, and ye shall find!"

> -----Original Message-----
> From: isalist-bounce@xxxxxxxxxxxxx 
> [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of
> Glenn P. JOHNSTON
> Sent: Thursday, July 13, 2006 3:00 AM
> To: isalist@xxxxxxxxxxxxx
> Subject: [isalist] Re: File Sharing on the internet
> 
> http://www.ISAserver.org
> -------------------------------------------------------
> 
> Oh Boy, I am dropping this one like a hot potato.
> 
> Based on my comments earlier that it's stupid to open the SQL to the 
> internet, They want to start something against the software developer 
> and not pay him
> 
> -----Original Message-----
> From: isalist-bounce@xxxxxxxxxxxxx 
> [mailto:isalist-bounce@xxxxxxxxxxxxx]
> On Behalf Of John T (Lists)
> Sent: Thursday, 13 July 2006 18:07
> To: isalist@xxxxxxxxxxxxx
> Subject: [isalist] Re: File Sharing on the internet
> 
> http://www.ISAserver.org
> -------------------------------------------------------
> 
> Sorry I did not see this earlier Glenn.
> 
> Why do they want white papers telling them this is a bad idea when 
> they already have the proof in front of them in the form of a 
> comprised server?
> 
> Simply go aGoogling for SQL attack will turn up plenty of information.
> 
> http://www.gcn.com/print/22_4/21214-1.html
> http://www.securitydocs.com/library/3587
> 
> I mean, the list is long.
> 
> 
> John T
> eServices For You
> 
> "Seek, and ye shall find!"
> 
> 
> > -----Original Message-----
> > From: isalist-bounce@xxxxxxxxxxxxx
> > [mailto:isalist-bounce@xxxxxxxxxxxxx]
> On Behalf Of
> > Glenn P. JOHNSTON
> > Sent: Wednesday, July 12, 2006 10:46 PM
> > To: isalist@xxxxxxxxxxxxx
> > Subject: [isalist] File Sharing on the internet
> >
> > http://www.ISAserver.org
> > -------------------------------------------------------
> >
> > Hi,
> >
> > A company I do support work for on 'Dial a techie' basis,  has had a
> contractor write
> > some software that needs to access a database on the companies
server.
> 
> > He
> rolled
> > this out onto the 28 sales pc's last week.
> >
> > He has just opened port 1433TCP and 1434UDP on the firewall to allow

> > SQL
> based
> > authentications from client PC's out on the internet to access the
> server.
> It appears
> > that someone has already hacked into the DB, some tables are empty, 
> > others corrupted, SQL logs show a lot of connections, far more so 
> > than
> 
> > can be
> explained by
> > legitimate connections.
> >
> > This of course is a very bad idea, but the company wants some 
> > details and
> white
> > papers or the like that details why. This has all blown up in the 
> > last
> hour and a half,
> > and I need some thing to get back to them with tomorrow.
> >
> > If anyone has any suggestions of white papers etc that might be
> appropriate, they
> > would be much appreciated.
> > ------------------------------------------------------
> > List Archives: //www.freelists.org/archives/isalist/
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server Articles and Tutorials:
> http://www.isaserver.org/articles_tutorials/
> > ISA Server Blogs: http://blogs.isaserver.org/
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> > Report abuse to listadmin@xxxxxxxxxxxxx
> 
> 
> ------------------------------------------------------
> List Archives: //www.freelists.org/archives/isalist/
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server Articles and Tutorials:
> http://www.isaserver.org/articles_tutorials/
> ISA Server Blogs: http://blogs.isaserver.org/
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> ------------------------------------------------------
> List Archives: //www.freelists.org/archives/isalist/
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server Articles and Tutorials:
http://www.isaserver.org/articles_tutorials/
> ISA Server Blogs: http://blogs.isaserver.org/
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> Report abuse to listadmin@xxxxxxxxxxxxx


------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials:
http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx 

------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx

Other related posts:

• » [isalist] File Sharing on the internet
• » [isalist] Re: File Sharing on the internet
• » [isalist] Re: File Sharing on the internet
• » [isalist] Re: File Sharing on the internet
• » [isalist] Re: File Sharing on the internet
• » [isalist] Re: File Sharing on the internet

1. Home
2. isalist
3. Archive
4. 07-2006

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---