[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] RE: 'On my Soap Box'

Subject: Re: [cobalt-security] RE: 'On my Soap Box'
From: "Adam Sculthorpe" <sculthorpe@xxxxxxxxxxxxx>
Date: Mon, 12 Mar 2001 00:55:17 +0000
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Norm's point was he didn't have the 'time' or 'knowledge' and sometimes this is hard to
change when you have a business to run or other aspects to concentrate on, I would
suggest you contact Internet Security Systems at http://www.iss.net/ if you have the
money to pay for a solution.

Also 'expensive' is a matter of numbers, if you stand to lose all of your clients due to
a hack then I would argue differently. If the amount you stand to lose is significant
then I would suggest budgeting for security is a good thing.

Do the numbers and find the right level of solution !

Regards,

Adam Sculthorpe

Internet Security Consultant

*********** REPLY SEPARATOR  ***********

On 11/03/2001 at 21:30 Marc Gear wrote:

>> Please add me to the list of RAQ owners who are finding out that the
>buying of the box and initial setup is the easy part. After having my RAQ3
>hacked twice in 11 months, I need help. Need to re-install OS on the 3 and
>and add some better protection to my RAQ4r as needed. Is there a wizard out
>there who is available for such work? I have neither the knowledge nor the
>time.
>> Norm D
>
>Security consultants cost the earth, and this mailing list is not a
>recruitment agency for them anyway. You are far better learning to, and
>doing it yourself.
>
>The (free) advice I will give you is to learn how to do it youself, as it
>will cost you less money (and time) in the long run. Else, look elsewhere
>to
>employ people to do it for you. Follow all the links below, and you are
>going to be getting drastically more secure than the default cobalt
>install.
>
>http://www.cobalt.com/support/download/raq3
>http://www.cobalt.com/support/download/raq4
>http://www.enteract.com/~lspitz/linux.html
>http://www.openssl.org
>http://www.openssh.com
>http://www.insecure.org/nmap
>http://www.chkrootkit.org/
>http://www.tripwire.org/
>http://www.psionic.com/abacus/portsentry/
>http://www.psionic.com/abacus/logcheck/
>http://www.bastille-linux.org
>
>And if you manage all that then you are halfway towards making a halfway
>secure server.
>(that list is a lot longer than I intended... I guess there is maybe a lot
>more to this security lark than people think and to think I left out tons
>of
>links...)
>--
>/\/\ a R (
>
>
>
>
>
>
>_______________________________________________
>cobalt-security mailing list
>cobalt-security@xxxxxxxxxxxxxxx
>http://list.cobalt.com/mailman/listinfo/cobalt-security

References:
- Re: [cobalt-security] RE: 'On my Soap Box'
  - From: John Bailey
- Re: [cobalt-security] RE: 'On my Soap Box'
  - From: Norm Duncan
- Re: [cobalt-security] RE: 'On my Soap Box'
  - From: Marc Gear

Prev by Date: Re: [cobalt-security] RE: 'On my Soap Box'
Next by Date: Re: [cobalt-security] Security Costs
Previous by thread: Re: [cobalt-security] RE: 'On my Soap Box'
Next by thread: Re: [cobalt-security] Security Costs

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index