14 November, 2007

All Your Data Are Belong To Us!

I just had a rather interesting article pointed out to me, on Computerworld UK. According to David Litchfield, a UK based security researcher,
"There are approximately 368,000 Microsoft SQl Servers... and about 124,000 Oracle database servers directly accessible on the Internet,"
Given these numbers, I have to wonder what would be found if he were also to look for other widely used databases; MySQL, PostgreSQL, Firebird, etc. It's a bit of a frightening prospect to think that I probably have personal information stored on at least one, if not more, of those exposed servers. Things like this make me wonder how so many IT professionals keep their jobs when they really have no clue as to what is really going on. The most likely scenario is that these people are all book trained, they have their degrees and certificates and all that nonsense... then they get into a real world environment, thrown up against a huge ball of servers, and they have no idea what to do. Hearing about these things makes me very glad for the opportunities and experience that I have had. I learned better, LONG ago, than to make amateurish mistakes like this.

You can view the full text of the article here: http://www.computerworlduk.com/management/security/data-control/news/index.cfm?newsid=6198