'Pings of Death' Are Killing Windows Servers

CommanderFrank

Cat Can't Scratch It
Joined
May 9, 2000
Messages
75,400
Attention System Admins: The SANS Institute has issued a warning for an exploit that can take servers offline without being patched. Microsoft issued an update to correct the problem and It is recommended that the patch be applied as quickly as possible.

However, within hours of the update going live, people reverse engineered the new code to find out where the hole is and how to exploit it, and have started sending out the pings of death.
 
Only partially related to this, but I noticed when I had VNC enabled to the outside world that my computer would get 100's of pings each day on the VNC port with people trying to get into the VNC.

I turned it off and went with Team Viewer instead.
 
Only partially related to this, but I noticed when I had VNC enabled to the outside world that my computer would get 100's of pings each day on the VNC port with people trying to get into the VNC.

I turned it off and went with Team Viewer instead.

These kind of access attempts are very common, I have a pfsense edge running SNORT that blocks some type of malicious scan probably once every ten minutes.
 
Could be misinformation but I read somewhere that this was harder to exploit if your website required authentication.
 
Just goes to show running a Windows Server is a bad idea.

Anything served is better served on *nix.

Windows is a great client OS, but unless I had to run something that explicitly required it (like, say, an exchange server) I wouldn't touch a Windows server with a 39.5 ft pole.

My ESXi server has 11 guests, none of them Windows.
 
Zarathustra[H];1041557258 said:
Just goes to show running a Windows Server is a bad idea.

Anything served is better served on *nix.

Windows is a great client OS, but unless I had to run something that explicitly required it (like, say, an exchange server) I wouldn't touch a Windows server with a 39.5 ft pole.

My ESXi server has 11 guests, none of them Windows.

Ping of death = bluescreen.
Heartbleed = owned system.
 
Zarathustra[H];1041557258 said:
Just goes to show running a Windows Server is a bad idea.

Anything served is better served on *nix.

Windows is a great client OS, but unless I had to run something that explicitly required it (like, say, an exchange server) I wouldn't touch a Windows server with a 39.5 ft pole.

My ESXi server has 11 guests, none of them Windows.
But when you're a company that manages TENS OF THOUSANDS of servers, Windows Server has an advantage over UNIX. I manage over 1000 Windows Servers in my group alone. Small scale, sure, it could work for UNIX but on a large global scale, Windows Server is more convenient especially when contractors you work with have a better understanding of what to do for service requests. You can debate the pro's of UNIX vs Windows. The reality is NO ONE CARES which is superior. If the customer wants Windows Server, they get Windows Server. If they want UNIX, they get a UNIX server. It's that simple. Modernization initiatives today for example lean towards Windows over UNIX because the bean counters pushes on what is cheaper which is Windows.
 
These kind of access attempts are very common, I have a pfsense edge running SNORT that blocks some type of malicious scan probably once every ten minutes.

If you turn off your cable modem and computers when you're not using them, hardly anyone bothers to scan your stuff after a while. Like when I'm not home, I know no one needs internet access unless its someone trying to steal it (because my cat doesn't really care about the internet) so there's no reason to leave anything turned on at all which costs in power and air conditioning in the summer (if you leave that on during the day too). Plus, if you turn them off at a power strip you can stop AC adapters from leeching electricity.
 
Zarathustra[H];1041557258 said:
Just goes to show running a Windows Server is a bad idea.

Anything served is better served on *nix.

Windows is a great client OS, but unless I had to run something that explicitly required it (like, say, an exchange server) I wouldn't touch a Windows server with a 39.5 ft pole.

My ESXi server has 11 guests, none of them Windows.

The bug was fixed already, this is the equivalent to hackers running out and using the Heartbleed bug a few days after it was patched out. Idiotic sysadmins who don't keep up on patches and also have automatic update disabled.

You're not doing yourself any favours when you fanboi out like that.
 
But when you're a company that manages TENS OF THOUSANDS of servers, Windows Server has an advantage over UNIX. I manage over 1000 Windows Servers in my group alone. Small scale, sure, it could work for UNIX but on a large global scale, Windows Server is more convenient especially when contractors you work with have a better understanding of what to do for service requests. You can debate the pro's of UNIX vs Windows. The reality is NO ONE CARES which is superior. If the customer wants Windows Server, they get Windows Server. If they want UNIX, they get a UNIX server. It's that simple. Modernization initiatives today for example lean towards Windows over UNIX because the bean counters pushes on what is cheaper which is Windows.

I for one find it easier to manage large numbers of *nix based servers, compared to Windows servers, but I guess out in industry I am a minority, which means you have to go Windows, or you might have a problem finding IT professionals to manage your servers at a reasonable cost?

Is that the argument?
 
Zarathustra[H];1041558311 said:
I for one find it easier to manage large numbers of *nix based servers, compared to Windows servers, but I guess out in industry I am a minority, which means you have to go Windows, or you might have a problem finding IT professionals to manage your servers at a reasonable cost?

Is that the argument?
No, you don't HAVE to go to Windows. The point is no one cares what is better. If it suits the customer on their needs, then they get the OS that they want. The fact is support for Windows on a service request basis is hell of a lot cheaper than that for UNIX operating systems and the corporate bureaucrats. People say UNIX is cheaper than Windows because licensing but that's irrelevant in the long run. If you have your own budget that isn't determined by people above you, then more power to you. But when the CIO of a company says "Cut cost", they're making you choose between operating systems which Windows wins out over UNIX. Service Level Agreements varies from contractor to contractor and they're overloaded with Windows people more so than UNIX. This allows them flexibility to undercut a competitor vying to support your organization. In my organization, our SLA cost for UNIX is DOUBLE that of Windows but our contractors are under pressure to drop the service cost for UNIX.
 
Unless your doing remote admin of your systems, just set a rule on your firewall at the internet to Deny ICMP. No ping, no death.
 
Back
Top