Update those server patches!

By Steven Vaughan-Nichols
Posted on ZDNet News: Sep 4, 2001 12:00:00 AM

It's funny in a nasty way. Many people want disasters. They go to car races to see crashes. They read Code Red and Code Red II warnings and hope that they'll find the Internet smashed in the morning. Most of the time, they're disappointed. No one dies at the track. The Internet keeps running. Gates is in his Redmond heaven and all's right with the world.

But then again, sometimes a Dale Earnhart does die, and sometimes part of the Internet does crash. Whether you're a NASCAR pit crew chief or a network administrator, your job is to make sure those failures are few and far between. Ironically, it can be a thankless job. For example, when Code Red didn't cause the Internet to come to a crushing halt, some people said that's because Code Red was a puffed-up scare story. Idiots.

The simple truth is that Code Red and its descendents haven't caused widespread havoc, because most network administrators did their jobs. They made sure their copies of Internet Information Server (IIS) were patched so that Code Red never stood a chance in their shops. Even so, Code Red's damage is estimated to run on the order of 2 billion dollars--a financial disaster, if there ever was one. It will be far more by the time it's done. Major sites, like Hotmail and Federal Express, have been hammered. How much does of a disaster does it take before some people buy a clue?

To be fair, some of the Code Red blame goes to people running server-style systems at home and not having a clue about how to administer them. But it boils down to the same problem--network admins, or people who are de facto net administrators not updating their systems.

What I find most annoying, however, are the people who say there was no real problem. If losing 2 billion bucks of productivity isn't a problem, what is? Code Red never should have amounted to even a 2 million dollar problem. The worm and its family could've been stopped in their tracks if all network administrators had updated their servers with the most current patches.

It would be easy to blame Microsoft for Code Red's damage, because IIS's appalling lack of security let Code Red flourish in the first place. And frankly, Microsoft deserves some of the blame. I could (and have)--gone on at length about how Microsoft software has fundamental security flaws. But this time around, I think a few bad network administrators deserve the lion's share of the guilt. And, yes, Microsoft, with its HotMail foul-up, has to share some of the blame, too.

By early August, how could the administrators at Hotmail and Federal Express not have known that they needed to update their servers? It's one thing for Joe Clueless in accounting to open an ILOVEYOU Outlook e-mail attachment-a week after ILOVEYOU ran around the world-but it's another for a network administrator to make such a stupid mistake.

Where the Patches Are

No excuses. If you run a server operating system from one of these companies, check their update/patching sites at least once a month.

Patches sites - Caldera (Includes Linux, OpenServer, UnixWare and Open Unix) -  SponsoredWhite Papers, Webcasts, and Downloads Three Steps You Need to Know to Stop Data Loss Varonis Sensitive data exposed to misuse or loss... it is the stuff of nightmares ... Download Now Five Steps to Determine When to Virtualize YourServers VMware Server virtualization isn't just for big companies. Entry-level ... Download Now The True Costs of Virtual Server Solutions VMware In an economic environment that is repeatedly heralding the message "do ... Download Now Talkback Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors Reduce risk. Reduce complexity. Increase reliability. A simplified IT environment isn't just less complex. It's also more reliable. Standardize on a single Linux platform with SUSE Linux Enterprise from Novell, and get the world's most interoperable Linux Learn more >> Microsoft Dynamics CRM Online - Free Six-Month Trial for Eligible Organizations Microsoft Dynamics CRM Online provides fast online access, simple contact management and better sales performance for a low monthly cost - the best value on the market today. Learn more about the free, six-month trial offer>> Keep Up With The Latest In Document Management with The DocuMentor. Doc delivers the scoop on today's enterprise content management, printer maintenance, and all other issues related to document management. It's the DocuMentor Blog. Learn more >> New Online Dashboard for IT Leaders Read about top issues IT decision-makers face every day, plus get cost-effective solutions to real-life IT problems. Learn more >> Learn more about tools to grow your business The Business Essentials Guide provides you useful tools and templates to help grow your business and save you time with automated shipping solutions. Save time with the UPS Business Essentials Guide Keep up with ZDNet Be a fan on Facebook Follow us on Twitter Watch us on Youtube White Papers, Webcasts, and Downloads Three Steps You Need to Know to Stop Data Loss Varonis Sensitive data exposed to misuse or loss... it is the stuff of nightmares ... Download Now Five Steps to Determine When to Virtualize YourServers VMware Server virtualization isn't just for big companies. Entry-level ... Download Now The True Costs of Virtual Server Solutions VMware In an economic environment that is repeatedly heralding the message "do ... Download Now SmartPlanet Thought-provoking progressive ideas on diverse topics that intersect with technology, business, and life, and matter to the world at large. Visit SmartPlanet More from IBM Can your business work smarter? Learn more about Lotus Symphony Learn how to work smarter and optimize cost using the IBM Smart SOA approach Download the eBook Smarter ways to make smarter products Read the brief from IBM Blogs All About Microsoft The Apple Core Between The Lines GreenTech Pastures Googling Google Digital Cameras Hardware 2.0 Laptops and Desktops Storage Bits Tech Broiler Toy Box Zero Day Product Reviews Home Theater PCs, Software and Peripherals Smartphones and Cell Phones Digital Cameras Videos CIO Vision Series At The Whiteboard News Video White Papers and Webcasts The ROI on Hardware Refresh Assessing Business Applications Infrastructure Management ManageMobile - Wireless Communications Network Security Webcasts Downloads Internet Tools and Utilities Spyware Removers System Optimizers and Diagnostics System Utilities More Holiday Gift Guide 2009 Windows 7 Photo Galleries Podcasts Site Index ZDNet ZDNet News & Blogs Hardware, IT Management, Networking, Operating Systems, Photo Galleries, Security, Software, Web Technology, All News, Dev Connection, Emerging Technology, Enterprise Alley, Googling Google, GreenTech Pastures, IT Project Failures, Linux and Open Source, Managing Linux, The Social Web, Storage Bits, Virtually Speaking, The Web Life, Podcasts Product Reviews A/V Receivers, Cell Phones & Accessories, Desktop Monitors, Desktops, Digital Cameras, Digital Camcorders, Flat-panel TVs, Laptops, Portable Video Players (PVPs), PDAs, Smartphones, Software, Storage Product Blogs The Toybox, Digital Cameras, Laptops and Desktops, Mobile Gadgeteer, SOHO Networking, Smartphones and Cell Phones, Home Theater White Papers & Webcasts Cost Control / Risk Management, Customer Support Services, IT HR / Staffing / Training, Resources Management, Strategic Planning, Webcasts Downloads Antivirus Software, File and Disk Management Utilities, Image Editing, Privacy Software, Shell and Desktop Management Enhancements Site Help & Feedback Site Map Popular on CBS sites: SEC Football | NFL | Video Game Cheats | iPhone | Video Game Reviews | Notebooks | Antivirus Software About CBS Interactive | Jobs | Advertise © 2009 CBS Interactive Inc. All rights reserved. | Privacy Policy (updated) | Terms of Use