Re: [cobalt-security] Portsentry, ipchains and pmfirewall
- Subject: Re: [cobalt-security] Portsentry, ipchains and pmfirewall
- From: "E.B. Dreger" <eddy+public+spam@xxxxxxxxxxxxxxxxx>
- Date: Tue, 22 Jan 2002 23:20:23 +0000 (GMT)
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
> Date: Tue, 22 Jan 2002 23:54:20 +0100
> From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
> Ooooh yeah <double-sigh>. Webmin is a nice example (and ripe
> target) for the dangers of falling prey to a UDP attack. As
> much as I love(d) Webmin, it's a dire security risk these days.
Can't say that I care for it. I grew up on the command line, and
have never found a GUI that I truly like. Gimme a shell any day.
> > (Hey, don't ignore Slackware!)
>
> That's one I haven't tested yet, so I can't relate.
It's rather BSD-ish. The setup routine is similar to FreeBSD's
/stand/sysinstall. Init scripts are BSD-style, _not_ SysV-style
crud. And the package manager also seems to borrow heavily from
FreeBSD, if one wishes to use packages.
> I see it the same way, but it's hard to educate people towards
> that ideal unless they get hit hard enough by bad luck and
> property damage. It starts much lower than that actually. Just
Too true. A couple weeks ago, I received a call from someone who
had a colo customer get cracked. Alas, they used telnet instead
of SSH, and weren't running VLANs. Oops.
> today I worked for an "ISP" who had not even bothered to back up
> his primary webserver. Well, who's to blame? I don't want to
> point fingers, but selling these things as "Server Appliance"
> (therefore suggesting: Plug and Play, Ready to Run, No Extras
> Needed) doesn't really prepare most of the start-ups to deal
> with an environment as hostile as the internet. This even hurts
> SUN/Cobalt itself, as they apparently can't even sell their own
> Firewall (the Velociraptor) with success.
Heh. I probably shouldn't voice my opinions on a Cobalt list,
but I know what you mean. It's like saying, "Here's a car with
an automatic transmission; you're now qualified to drive Grand
Prix!"
> Speaking of it ... see URL below for an interesting (halfway related)
> article: http://www.theregister.co.uk/content/6/23770.html
I'll have to check it out. I'm a bit behind on both UF and The
Reg... most everything except the NANOG list. ;-)
Eddy
---------------------------------------------------------------------------
Brotsman & Dreger, Inc. - EverQuick Internet Division
Phone: +1 (316) 794-8922 Wichita/(Inter)national
Phone: +1 (785) 865-5885 Lawrence
---------------------------------------------------------------------------
Date: Mon, 21 May 2001 11:23:58 +0000 (GMT)
From: A Trap <blacklist@xxxxxxxxx>
To: blacklist@xxxxxxxxx
Subject: Please ignore this portion of my mail signature.
These last few lines are a trap for address-harvesting spambots. Do NOT
send mail to <blacklist@xxxxxxxxx>, or you are likely to be blocked.