Channel News and Analysis - Channel Insider

Empowering the next generation Channel

Home

Channel News and Analysis

MySQL Bot Attack Thwarted

[ci] deep dives:

Managed Services Distribution Careers Linux and Unix Computer Networking Printers Security SMB Partner Storage Surveys Solution Builder Messaging/Collaboration Dell Reseller Microsoft Partner

[ci] commentary:

Debuting the New Channel Insider Channel Insider unveils its new Web site design, which reflects our mission to support solution providers with the best insight and analysis for their success

Convergence: The Next Security Wave The convergence of physical and logical security isn't a new idea, but largely untapped by solution providers. Groups like 1nService and PSA Security are bringing these largely segmented channels together for this $7 billion market opportunity.

MySQL Bot Attack Thwarted

in Channel News and Analysis

More Channel News and Analysis Coverage

Previous Article: Lexmark Offers Managed Services for its VARs

Next Article: Google Goes Analog to Warn of Pending Layoffs

DATE: 2005-01-31

By Ryan Naraine

Article Rating:

/ 0
Article Views: 159

Rate This Article:

Add This Article To:

Digg this

Del.icio.us

Slashdot

Y! My Web

E-mail

Furl

Google

Simpy

Spurl!

PDF Version

Access to IRC servers controlling the worm has been shut off, but experts say the threat of new attacks remains.

Last week's sophisticated bot attack against Windows installations of the MySQL database engine has fizzled after DNS (Domain Name System) service authorities shut off access to IRC servers controlling the worm.

The bot, which launched brute-force attacks on weak MySQL passwords, was infecting vulnerable systems at the rate of 100 per minute.

At its peak, the SANS Internet Storm Center reported that about 8,500 hosts were connected to the IRC (Internet Relay Chat) server to retrieve propagation instructions. However, once access to those servers was denied, the spread of the worm stopped.

But Johannes Ullrich, chief technology officer at the SANS Internet Storm Center, warned that a serious threat remains. "In the past, we've seen botnets move from server to server, so it won't be surprising to see another attack soon."

"These bots are written with different attack modules. It simply means someone could write a different module to connect to a different server to launch new attacks," Ullrich told eWEEK.com on Monday.

Because the bot takes advantage of weak passwords, Ullrich again urged database administrators to strengthen security policies for firewalls and passwords.

Administrators also should set up restricted access to root accounts and apply firewall rules to make sure MySQL servers are not exposed to attackers, he added.

MySQL AB, the Cupertino, Calif.-based company that develops and manages the program, also released a security alert spelling out the effects of the worm.

"There are two basic steps to protect your MySQL Servers: Always use strong passwords on all accounts, [and] use firewalls to protect your MySQL servers," the company said.

MySQL is a freely available database engine designed to provide fast access to stored data. It is installed on more than 8 million systems worldwide.

Check out eWEEK.com's for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzer's Weblog.

	Discuss MySQL Bot Attack Thwarted

	>>> Be the FIRST to comment on this article!



	>>> More Channel News and Analysis Articles >>> More By Ryan Naraine

Email Article To Friend ♦ Print Version Of Article ♦ PDF Version Of Article

SIGN UP FOR CHANNEL INSIDER NEWSLETTERS
Reliable, timely information on the business of technology. Sign up now.

RSS SUBSCRIPTIONS

Add Channel News, Product Reviews, Trends and Analysis to your RSS newsreader or My Yahoo!

Ziff Davis White Paper Library

eWEEK Labs RFPs and Tools

Channel Insider:

Security:
Enterprise Security
Network Security
Infrastructure Security
How To: Data
IT Security News
Cheap Hack Blog
Security Watch Blog

Storage:
Storage
Cloud Storage
Storage Virtualization
Network Access Storage
Storage Reviews
Data Storage News
How To: Storage
Storage Station Blog

Computing:
Apple OSX
Linux Systems
Windows Vista
Managed Print Services
Cloud Computing
PC Reviews
Microsoft Watch Blog
Apple Watch Blog
Google Watch Blog

Communications:
VoIP Solutions
Wireless Technology
Messaging Software
Web Services
Mobile Applications
Wireless News
Mobile Reviews

Apps & Development:
Application Development
SAAS
Search Engines
Database Software
IT Project Management
Web 2.0
IT Project Management
Emerging Tech Blog
CIO Insight Blogs
CIOs

Vertical Markets:
Federal Government IT
Health Care IT
Finance IT
Mid-Market
Channel Partners
Careers Blog
Value Added Resellers

More eWeek Links:
Green Computing Center
Tech Knowledge Center
Tech Newsletters
Tech RSS Feeds
White Papers
Tech Podcasts
Tech Videos
eWeek Magazine Subscriptions

Enterprise Websites:
ZDE Home
Baseline
Channel Insider
CIO Insight
eSeminars
eWeek Mid-Market
Publish Online
Web Buyers Guide

Developer Websites:
Dev Shed
DeveloperShed
ASP Free
MS DevSource
SEO Chat
Codewalkers
Tutorialized
Scripts.com
Dev Mechanic
Dev Articles
Web Hosters
Dev Hardware

Technology Websites:
Device Forge
Desktop Linux
Linux Devices
Windows for Devices
iGrep Search Engine
Windows for Devices
iGrep Search Engine
PDF Zone
Linux Watch

Use of this site is governed by our Terms of Use and Privacy Policy
Copyright ©1996-2009 Ziff Davis Enterprise Holdings Inc. All Rights Reserved. eWEEK and Spencer F. Katt are trademarks of Ziff Davis Enterprise Holdings, Inc. Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Enterprise Inc. is prohibited.
eWeek is your best source for the latest Technology News.
ZDE Cluster 2 hosted by Hostway.