[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cobalt-security] [RaQ3] Hacked ... a summary
- Subject: RE: [cobalt-security] [RaQ3] Hacked ... a summary
- From: "Jose Luis Aguilar" <jlaguilar@xxxxxxx>
- Date: Wed, 14 Mar 2001 02:05:38 -0400
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Those ports are for Legato Networker Backup (7937, 7938). Because of a bug
in the out-of-the-box configuration of the RaQ3, legato comes enabled but
the UI will show it as disabled.
To disable it, you have to remove the link to the networker script in the
/etc/rc.d/rc3.d directory:
# rm /etc/rc.d/rc3.d/S99networker
And shut it down manually:
# /etc/rc.d/init.d/networker stop
I do not think disabling it and enabling it in the Control Panel will shut
it down. If you rebbot your machine, it will be there again if you do not
remove it manually.
The bug is really stupid. The Control Panel checks to see if the start up
script for Legato Netwroker is in the rc3.d directory. If it is, then it is
shown enabled in the control panel. The problem is that the name of the
start up script defined in the Product_raq.pm file does not match the file
that is in the rc3.d directory (S95networker and S99networker respectively).
Therefore, the control panel thinks it is disabled and will not remove the
existing start up script (link).
I sent this issue (bug) to Cobalt over 3 months ago. I did not hear from
them.
Hope this helps.
Jose Aguilar
-----Original Message-----
From: cobalt-security-admin@xxxxxxxxxxxxxxx
[mailto:cobalt-security-admin@xxxxxxxxxxxxxxx]On Behalf Of Cobalt
Sent: Wednesday, March 14, 2001 1:20 AM
To: cobalt-security@xxxxxxxxxxxxxxx
Subject: Re: [cobalt-security] [RaQ3] Hacked ... a summary
Ports 7937, 7938 and 617 are for Legato and Arkeia backups,
for close, check Legato and Arkeia in CP and save changes,
after this uncheck the two and save again.
This close the ports. (until reboot)
RB