[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Re: interesting hack symptoms
- Subject: Re: [cobalt-security] Re: interesting hack symptoms
- From: Gossi The Dog <gossi@xxxxxxxxxxxxxx>
- Date: Sat, 4 Nov 2000 22:44:26 +0000 (GMT)
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
On Sat, 4 Nov 2000, Michael Aronoff wrote:
> >----- Original Message -----
> > Does that patch require the installation require the update of
> OS3?.... I
> >haven't done that one yet because of all the horrors I heard about from
> other
> >users on the regular cobalt list....
>
> Look, I agree that you need to be careful about Cobalt patches, BUT you are
> running an ever greater security risk by not installing them!!! They often
> fix known security exploits and other problems. The best thing to do is
> subscribe to cobalt-users and cobalt-developers and read them!! People on
> these lists will talk about weather a patch causes problems , things to look
> out for and so on. I always wait about a week after a patch is released
> before I install it. That way I am being prudent but still secure.
It's not really a secure practice to wait a week before patching
something.
Lets say I come along, nmap your network, find a few boxes running qpopper
2.53 and old sendmail, I note down the version numbers, wait for an hole
to be found, and crack into the boxes. I then trojan them up with
kernel modules, run a few sniffers etc etc etc. You then come along and
install the patch, and think you're secure.
Also worth bareing in mind Cobalt currently take about a month with
patches for security issues, so they can test them.