SQL Clone
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 


Get Patched If Not Supported


Get Patched If Not Supported

Author
Message
Steve Jones
Steve Jones
SSC Guru
SSC Guru (628K reputation)SSC Guru (628K reputation)SSC Guru (628K reputation)SSC Guru (628K reputation)SSC Guru (628K reputation)SSC Guru (628K reputation)SSC Guru (628K reputation)SSC Guru (628K reputation)

Group: Administrators
Points: 628505 Visits: 21336
Comments posted to this topic are about the item Get Patched If Not Supported

Follow me on Twitter: @way0utwest
Forum Etiquette: How to post data/code on a forum to get the best help
My Blog: www.voiceofthedba.com
Sean Redmond
Sean Redmond
SSCarpal Tunnel
SSCarpal Tunnel (4.9K reputation)SSCarpal Tunnel (4.9K reputation)SSCarpal Tunnel (4.9K reputation)SSCarpal Tunnel (4.9K reputation)SSCarpal Tunnel (4.9K reputation)SSCarpal Tunnel (4.9K reputation)SSCarpal Tunnel (4.9K reputation)SSCarpal Tunnel (4.9K reputation)

Group: General Forum Members
Points: 4850 Visits: 1083
I understand the need for all Internet-facing machines, let alone DB-servers, to be up to date with their patches. This is perfectly sensible.
I think I've asked this question before. What about machines and servers witin a domain behind firewalls with no access to the outside world? I especially have in mind machines whose OS is no longer supported but runs a crucial piece of hardware or software.
Is it too simplistic to think that this not a problem? To be sure, internal security and physical access are important. Can one say that a system does not need to be patched if it cannot be accessed from the Internet?
Dave Poole
Dave Poole
SSC Guru
SSC Guru (63K reputation)SSC Guru (63K reputation)SSC Guru (63K reputation)SSC Guru (63K reputation)SSC Guru (63K reputation)SSC Guru (63K reputation)SSC Guru (63K reputation)SSC Guru (63K reputation)

Group: General Forum Members
Points: 63759 Visits: 4050
SQL Slammer hit a lot of stuff behind the firewall. All it took was one exposed MSDE machine inside the network and it sprawled across the SQL Servers within the network. I know SQL Slammer happened a long time ago but the principle still applies

LinkedIn Profile
www.simple-talk.com
Sean Redmond
Sean Redmond
SSCarpal Tunnel
SSCarpal Tunnel (4.9K reputation)SSCarpal Tunnel (4.9K reputation)SSCarpal Tunnel (4.9K reputation)SSCarpal Tunnel (4.9K reputation)SSCarpal Tunnel (4.9K reputation)SSCarpal Tunnel (4.9K reputation)SSCarpal Tunnel (4.9K reputation)SSCarpal Tunnel (4.9K reputation)

Group: General Forum Members
Points: 4850 Visits: 1083
David.Poole - Wednesday, December 19, 2018 7:10 AM
SQL Slammer hit a lot of stuff behind the firewall. All it took was one exposed MSDE machine inside the network and it sprawled across the SQL Servers within the network. I know SQL Slammer happened a long time ago but the principle still applies


Fair enough. I don't claim to be a sysadmin and our sysadmins really don't like systems that have gone out of support.
I'm just wondering about the situation of the system that is no longer supported but still considered necessary.
Steve Jones
Steve Jones
SSC Guru
SSC Guru (628K reputation)SSC Guru (628K reputation)SSC Guru (628K reputation)SSC Guru (628K reputation)SSC Guru (628K reputation)SSC Guru (628K reputation)SSC Guru (628K reputation)SSC Guru (628K reputation)

Group: Administrators
Points: 628505 Visits: 21336
I'd say you want to be patched because you never know if malware or a misconfigured firewall will give access to a system. Especially these days where people take laptops in and out of local networks.

Follow me on Twitter: @way0utwest
Forum Etiquette: How to post data/code on a forum to get the best help
My Blog: www.voiceofthedba.com
Go


Permissions

You can't post new topics.
You can't post topic replies.
You can't post new polls.
You can't post replies to polls.
You can't edit your own topics.
You can't delete your own topics.
You can't edit other topics.
You can't delete other topics.
You can't edit your own posts.
You can't edit other posts.
You can't delete your own posts.
You can't delete other posts.
You can't post events.
You can't edit your own events.
You can't edit other events.
You can't delete your own events.
You can't delete other events.
You can't send private messages.
You can't send emails.
You can read topics.
You can't vote in polls.
You can't upload attachments.
You can download attachments.
You can't post HTML code.
You can't edit HTML code.
You can't post IFCode.
You can't post JavaScript.
You can post emoticons.
You can't post or upload images.

Select a forum









































































































































































SQLServerCentral


Search