[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-security] what do I do now!

Subject: RE: [cobalt-security] what do I do now!
From: "Gavin Nelmes-Crocker" <cobalt@xxxxxxxxxxxxxxxx>
Date: Tue, 15 Jan 2002 17:31:48 -0000
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

One vital thing that Eugene missed was what if your RaQ has already
been compromised lets see how many exploits have their been in the
last 10 months that have now been closed by patches but you have only
just closed - a quick summary - too many.

At the extreme I would OS restore the box and start again if that is
an option - the CMU is now pretty good for exporting sites as long as
you don't bring the vulnerability as well (unlikely) then I would
patch the box up to date and then install as Eugene suggested.

Another way would be to use chkrootkit to see if it is likely that
your box has been compromised but you will never know for sure unless
you follow the first method.

Regards

Gavin

> > > Can anyone tell me what are my next steps with regards to
> > > increasing security on my box?
> > 
> > My humble suggestions:
> 
> One thing that I forgot: first and foremost, make sure, and
> check regularily that your workstation is not trojaned with a
> keyboard logger!

-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Security 7.0.3

iQA/AwUBPERnhDkNEKDTK9zKEQKMDQCgqNstt651UuG2tAwtp6AzV1greJQAoNYN
9NPDpLuUSKimuQS8Javs8KRq
=Wyem
-----END PGP SIGNATURE-----

References:
- Re: [cobalt-security] what do I do now!
  - From: Eugene Crosser

Prev by Date: Re: [cobalt-security] what do I do now!
Next by Date: [cobalt-security] Portsentry configuration
Previous by thread: Re: [cobalt-security] what do I do now!
Next by thread: [cobalt-security] Portsentry configuration

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index