Re: Did IDSes detect the SQL worm?

["Kurt Seifried" <bt () seifried org>]

So it appears that a lot of IDS systems detected this worm and alerted
people. Did this actually help much? I imagine by the time most admins got
the alert if they had vulnerable machines/networks they were already falling
apart under the load of packets. Does anyone have a success story with
respect to an IDS, vulnerable servers, and this attack?


Kurt Seifried, kurt () seifried org
A15B BEE5 B391 B9AD B0EF
AEB0 AD63 0B4E AD56 E574
http://seifried.org/security/