Downloadable Databases Pose Security Dangers

February 2, 2005

[From eWeek]

Worms such as MySpooler, which spreads via weak passwords in MySQL, take advantage of the fact that inexperienced users are opening enterprises' back doors to open-source software.

Are they lazy? Stupid? Or merely inexperienced?

It's baffling that so many database administrators or casual non-DBA downloaders were responsible for leaving weak or default passwords on MySQL databases and thus allowing the MySpooler bot attack against Windows installations of MySQL, which last week peaked at an infection rate of 100 machines per minute.

The article continues at http://www.eweek.com/article2/0,1759,1758501,00.asp?kc=EWRSS03129TX1K0000608