[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

AW: [cobalt-security] [RaQ3] Port Sentry

Subject: AW: [cobalt-security] [RaQ3] Port Sentry
From: Rob van Eijk <rob@xxxxxxxxxxxx>
Date: Fri, 8 Jun 2001 10:34:56 +0200
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Graeme Fowler wrote:

[Remember that Security through Obscurity (ie. just using software to block
accesses to your machine) is a bad thing, and you're far far better off
ensuring that your services are not exploitable.
Admittedly this is difficult on Cobalt boxes, since Cobalt have been
renowned in the past for running slowly when it comes to releasing updates
for vulnerable software versions. Hopefully with Sun in charge this will
improve (although Sun haven't been the quickest off the mark at points in
the past, either...)]

Use Nessus now and again, from a remote machine, to check the status of your
network. Patch your server, but only if you can't wait for Cobalt to react
and you now what you are doing. Usually, an exploit is already 2-4 weeks old
before getting to Bugtraq or Cert. Cobalt will add another 2 - 4 wees
easily.

--
 MVG,
 Rob van Eijk

References:
- RE: [cobalt-security] [RaQ3] Port Sentry
  - From: Graeme Fowler

Prev by Date: RE: [cobalt-security] [RaQ3] Port Sentry
Next by Date: Re: [cobalt-security] Might be off topic. Are computers with 168.192.x.x safe from Internet?
Previous by thread: RE: [cobalt-security] [RaQ3] Port Sentry
Next by thread: [cobalt-security] portsentry / watchlog

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index