
Re: [cobalt-security] Cobalt RaQ3 ports



"Bill Irwin" <bill_irwin@xxxxxxxx> wrote:
> If you were hacked, most likely it came from the BIND vulnerability.
> I've seen an increase in reports of hacks from this vulnerability
> this week (since May Day attacks started). Most people were probably
> already hacked, but didn't know till this week.
>
> If you are co-locating the server, try to find out if the ISP installed
> the patches. If they didn't, they would be the ones responsible.

Not necessarily so.  It depends what your contract says.  I've been working
with RaQs since the RaQ1 and I can tell you that on many occasions
installing a recently released Cobalt patch will cause you headaches.
Service providers know this and would be wise not to apply recent patches
until the implications of doing so are clear.  The reality is that more and
more people want a service provider that leases them as much bandwidth as
possible, with 100% uptime at the price closest to zero and it's not
reasonable to expect companies like that can stay in business if they have
to spend time applying patches to a server, especially after the customer
takes control of it.  In other words, unless a contract explicitly states
that the ISP is responsible for keeping the server updated, I wouldn't
expect it unless you carry considerable clout or want to pay for the
service.

--
Steve Werby
President, Befriend Internet Services LLC
http://www.befriend.com/