Found a Server 2003 machine without any updates/firewall

A

AMD_Gamer

Fully [H]
Joined
Jan 20, 2002
Messages
18,287
My boss has me do do a P2V conversion of this old Server 2003 Web Edition box that we use as a web server for this site that displays data from our SQL server. To my astonishment this thing was running without any service packs or windows updates and no firewall :eek:. It took me all afternoon to get this thing up to date. Pretty crazy. Strangely it was running our NOD32 antivirus. Everyone was happy though because they say it runs faster on our new ESXi host than the old machine that was 512MB/ and some pentium cpu.
 
I took on a new client last year whose previous IT consulting company up and left them dry. They had turned off Automatic Updates as well (which didn't interfere with any of the client's LOB apps anyway). And I would agree it takes all afternoon to patch up to SP2 + other security updates.
 
Last place I worked one of our remote offices had all of its server 2003 boxes running without any anti virus of any kind ever. While at the time our company was fighting off a major worm... Yeah, I had fun calling Canada about that one...
 
I did some work for a small company that had all Windows 2000 servers still - with NO service packs installed. They had me come in because they couldn't add any Windows Vista or 7 clients to the domain. I guess they had an issue one time where a patch screwed something up so they took the stance of never installing updates. They thought they were secure because they had a Sonicwall firewall...
 
shabazkilla said:
I did some work for a small company that had all Windows 2000 servers still - with NO service packs installed. They had me come in because they couldn't add any Windows Vista or 7 clients to the domain. I guess they had an issue one time where a patch screwed something up so they took the stance of never installing updates. They thought they were secure because they had a " Sonicwall firewall"...
Click to expand...

LOL!

Sounds like the situation i just repaird, I do a pile of dvr work around here, setting them up installing them etc etc.

I came across one that needed some upgrades and other stuff, he showed me the setup with a nice little dlink from Walmart, he said he was secure because it said firewall on it, little did he know that the tech that set it up port port warded a CRAP load of ranges to the DVR so basically any one that got his ip:80 got to see his dvr, the sad part is, the tech who installed it all, left the default password and username on the box.

So when you log in it shows the make and model of the dvr, ( google it and you get the default username pass )

Not no more tho, setup a new WRVS4400N with vpn, and some updates to his dvr, mounted it on the wall for him and a new small APC unit. Happy customer now :)
 
Sounds like where I work. At one point we managed to win the battle and were allowed to do monthly patching, but the IT manager's paranoia caught up not to mention he hated to see how much money we were making in overtime, so he put a stop to it. We have not patched in over a year now and that will only get worse because it's no longer allowed. The workstations have NEVER been patched. In fact there is not a single workstation that is the same, because they buy 1 at a time as needed so there's like 100 different models and they're all at different patch levels as they only get patched initially before put into production, at which point changes are no longer allowed.

We still have a couple NT4 servers, 2000 and the rest is 2003. There's a few 2008 servers but most software is made for 2000/2003 so even new deployments often get 2003. Medical software is the crappiest breed of software out there and is very behind in the times (yet cost ridiculous money), next to general corporate software.
 
You must log in or register to reply here.
Back
Top