Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
SamC
White Water Yakist
3467 Posts |
 Posted - 2005-11-09 : 10:32:12
|
| In a recent thread I mentioned that real-time anti-virus server software might be a good idea even for well protected/isolated servers. The rationale behind that post is that a malicious insider (anyone with physical access or username / password access) could intentionally compromise (e.g., plant a virus or worm) a server which is perceived to be protected due to strong isolation or strong firewall defenses.No one should post details of a corporate server infection in a public forum, and we don't want to expose specifics. I hope we can begin a thread to gather "non-specific poll data" which would put some light on whether malicious insider deeds have affected servers which forum members have heard about (excluding the news media as a source). In other words a server that belongs to someone you know.So with ambiguity in mind, any responses appreciated... don't include specifics about company names, etc. - In the past 2 years, are you aware of a server that has been compromised intentionally by a confirmed malicious insider act? - In the past 2 years, are you aware of a server that has been compromised in a manner which you *suspect* involved a malicious insider?"compromised" includes infection by a virus, worm, or other... |
|
|
Michael Valentine Jones
Yak DBA Kernel (pronounced Colonel)
7020 Posts |
Posted - 2005-11-09 : 10:54:38
|
I don't know of or suspect any servers that were compromised intentionally by a malicious insider.I do know of some that were compromised accidentally by incompetent and stupid insiders.  CODO ERGO SUM |
 |
|
|
SamC
White Water Yakist
3467 Posts |
Posted - 2005-11-09 : 11:12:49
|
quote:
Originally posted by Michael Valentine Jones
I don't know of or suspect any servers that were compromised intentionally by a malicious insider.I do know of some that were compromised accidentally by incompetent and stupid insiders.
I suspect the latter is by *far* more prevalent than the former.  |
|
|
|
Merkin
Funky Drop Bear Fearing SQL Dude!
4970 Posts |
Posted - 2005-11-09 : 18:33:57
|
quote:
I do know of some that were compromised accidentally by incompetent and stupid insiders
By far the most common threat  Damian"A foolish consistency is the hobgoblin of little minds." - Emerson |
|
|
|
Kristen
Test
22859 Posts |
Posted - 2005-11-10 : 08:20:09
|
| None that I can think of. Lots of "trusted people" who have sufficient access, and just need to get to the point of having an "axe to grind" ...Kristen |
|
|
|
jen
Master Smack Fu Yak Hacker
4110 Posts |
Posted - 2005-11-13 : 21:26:37
|
| some tried... but they either failed or caught red-handed--------------------keeping it simple... |
|
|
|
elwoos
Master Smack Fu Yak Hacker
2052 Posts |
Posted - 2005-11-14 : 03:26:26
|
| It's not something I've come across but I do remember many many years ago the company I was at being delivered a brand new laptop from a very well known company, which came with it's own virus pre-installed!!!steve-----------Facts are meaningless. You could use facts to prove anything that's even remotely true! |
|
|
|
|
|
|
Insider threat / server vulnerability