[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] FTP Scans
- Subject: Re: [cobalt-security] FTP Scans
- From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
- Date: Sun, 18 Nov 2001 20:28:21 +0100
- Organization: Stauber Multimedia Design
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hi Ed,
> This is a quote directly from Sun-Cobalt's site on the Global warranty
> program:
>
> No warranty will apply to any product that has been (i) modified, altered
> or adapted without Sun's written consent; (ii) maltreated or used in a
> manner other than in accordance with that product's manual; (iii) repaired
> by any third party in a manner which fails to meet Sun's quality standards;
> or (iv) improperly installed by any party other than Sun.
I'm sorry to sound the wakeup call for you, but this strictly means that
SUN/Cobalt will charge you for anything unless you can prove them that the
fault is on their side. ;o)
I've had cases where SUN/Cobalt refused to fix an obvious problem because SSH
was installed on the machine. The package from ftp.cobalt.nl (!). Which is of
course unofficial and unsupported as any PKG on their site. Sure, I fully
understand their approach and wouldn't do it in another way, as I'd certainly
would dislike to trouble-shoot a machine which a customer has bent out of
shape. At least I'd dislike doing so without proper compensation.
Taco and his chaps are doing an outstanding work and I'm sure many would
applaud if their packages would get the SUN/Cobalt seal of approval. ;o)
However, these applied double standards are sometimes laughable at best. If
*you* can live with the fact that an out-of-the-box Cobalt RaQ leaves a lot
to be desired in regards to security issues, then that's certainly fine with
the rest of us.
> It might pay you to read your documentation a little more.
It always pays to RTFM (Read The *Fine* Manual). But it might also pay if you
listen to sound advice. You're always free to do it your way - of course -,
but ipchains (and other means talked about on this board) can greatly enhance
the security and your awareness about what's going on at your machine.
Once you've been hacked, all Cobalt will do is to send you (for hard cash) an
OS restore CD, so that you can format your disk and start over.
--
With best regards,
Michael Stauber