There are nearly half a million enterprise database servers that are connected directly to the Internet, according to U.K.-based security researcher David Litchfield.
Litchfield did a sampling of just over 1 million randomly generated IP addresses, checking if he could access them on the ports normally reserved for either Microsoft SQL Server or Oracle's database.
The results were astounding, according to Computer World UK:
He found 157 SQL servers and 53 Oracle servers. Litchfield then relied on known estimates of the number of systems on the Internet to arrive at his conclusion: "There are approximately 368,000 Microsoft SQL Servers... and about 124,000 Oracle database servers directly accessible on the Internet," he wrote in his report, due to be made public next week.
Even more disturbing, however:
Many of these unprotected databases are also unpatched. In fact, 4% of the SQL Server databases Litchfield found were still vulnerable to the flaw that was exploited by 2003's widespread SQL Slammer worm.
It is worth noting that Litchfield wrote the original proof-of-concept code that was eventually used by the widespread Slammer worm. He observes that this many unsecured databases is enough to sustain another worm outbreak.
Are you one of those folks responsible for the enterprise databases left in the open (unpatched)?
Paul Mah is a writer and blogger who lives in Singapore, where he has worked for a number of years in various capacities within the IT industry. Paul enjoys tinkering with tech gadgets, smartphones, and networking devices.