
The Case of the Unexplained FTP Connections - aespinoza
http://blogs.technet.com/b/markrussinovich/archive/2012/10/30/3529266.aspx
======
frugalfirbolg
"Not realizing the server was on the perimeter, they had opened the SQL
Server’s port in the local firewall, left it with a blank admin account, and
enabled xp_cmdshell"

As the Mark states in the article, this is terrible even within the network,
let alone on the perimeter. Microsoft actually recommends against running
Exchange and SQL Server on the same box anyways [1] for performance reasons.

Is there a good intention that would motivate someone to install something on
a production box, leave it in an insecure config, and not document it?

[1] [http://technet.microsoft.com/en-
us/library/aa997379(v=exchg....](http://technet.microsoft.com/en-
us/library/aa997379\(v=exchg.80\).aspx)

