[LINK] Scoop! fed.gov.au server down

[Adam Todd]

>A hint to the source of the problem: "Maximum open cursors exceeded".
><correction mode=open>
>This suggests to me that the database behind the Web server was asked to
>create too many persistent connections at once - ie a minor design flaw,
>instead of opening database connections in non-persistent mode,

Totally correct Richard, but any good designer is going to use a web server 
that has the ability to have the CHILDREN manage the persistent 
connections, not have a new session fro each USER connection!

>the designer opened persistent connections; those connections were not 
>closed reliably when user sessions ended, and eventually the number of 
>open connections exceeded the limits of the server.

This is a MAJOR limitation of IIS and MS-SQL, and judging by the code 
sample, it's way over "autogenerated" using far too much tool and not 
enough "programmer"

>I'll leave it to others to analyse whether the server's failure mode was
>spitting out information that should be regarded as sensitive.

It's not sensitive, unless the MS-SQL server is connected to a visible IP 
address and I'm sure that's not the case ... is it?  Nah, surely the FEP 
Servers will be on visible and the database servers off REAL IP's.  Anyone 
with any network knowledge knows you don't put your database server on a 
visible IP address, like that company in Melbourne during the NIMDA worm, a 
share trading company too!