Alastair’s Place

Software development, Cocoa, Objective-C, life. Stuff like that.

Sasser and Yet More IT Incompetence

It astonishes me that in all the coverage of the Sasser worm, nobody has pointed-out that corporate and government installations simply shouldn't be suffering from Sasser, because they should be properly firewalled. Sasser spreads via three port numbers, the usual Netbios port (139) and two other ports (9996 and 445). It should, therefore, have been stopped by corporate or governmental firewalls, as there is no good reason to allow connections from the Internet to those port numbers.

What I would really like to know is why the people responsible for this fiasco still have jobs? Goldman Sachs, the European Commission and the UK Maritime and Coastguard Agency should have called for the immediate resignation of IT staff for gross incompetence of this nature. I'm certain that they'd ask security staff to resign if they were robbed because the building was unlocked and unprotected, so why should IT staff be able to get away with the IT equivalent?