
Re: [cobalt-security] How secure are RAQ's out of the box?



> >I'm pretty new to the *NIX world, being an NT guy for a while.  I see the
> >definite advantages of *NIX over NT, but I was just wondering how secure
> >these Cobalts are out of the box (RAQ4).  I just had a buddy of mine run a
> >security audit on his RAQ4 for about 730 vulnerabilities using Nessus, and
> >his box is about 0.9% secure according to Nessus, 90% is the desired range.

I'm unaware of what criteria Nessus uses for its security scans. You should
keep in mind that there is no objective measure of security, and there is no
such thing as a 100% "secure" system. Security is about trade-offs between
risk of compromise and usability. For instance, ports open to the internet
on an internet server are (obviously) necessary, while ports open to the
internet on a workstation are (in general) unacceptable.

You should also keep in mind that Cobalt systems, like Windows NT systems,
come out of the box unpatched. They are therefore vulnerable out of the box
to a number of exploits.

With all of that said, I've been working with Cobalt RAQs for nearly two
years and, bearing in mind that I've always kept up with the patches, I've
never had an intrusion yet. I find the default configuration to be fairly
well secured, after all patches are installed. Compared to Red Hat or NT out
of the box, Cobalt is a rock.

Kevin