Re: [cobalt-security] Am I missing something here

[David Lucas <david@xxxxxxxxxxxxxxxx>]

At 12:10 PM 3/13/2002, you wrote:
> Over the last 2 weeks we have had 6 Cobalts on our network HACKED!!! 
> One  was even hacked then taken down to be reloaded on a saturday 
> afternoon and by the saturday night had been done again. They have been a 
> mixture of raq3 & 4's which have all been fully patched to the hilt and 
> with a few other security features added to the backend. WHAT'S GOING ON 
> WITH THESE THINGS!!
>
> Behind a firewall they are fairly safe ( but getting them to work in the 
> first place is a nightmare ), but without that security they are about as 
> safe as a drunk with a box of matches. A brand spanking new raq4 went on 
> to the network yesterday and by this morning it was about as useful as a 
> chocolate teapot. Someone had got root access, taken off the latest 
> patches and put his own version of SSH on the box. I am fully aware of a 
> stint last year when even a cobalt engineer told me that there had been a 
> spate of hacks that they didn't know how to fix!!!!
>
> Not that i expect too much of an answer from this email, but if there is a 
> group of people that should know about these issues it's the mailing list 
> and COBALT themselves. Does anybody at Cobalt ( sorry, i should say  SUN ) 
> actually care!!!
>
>
> --
> Regards


Have you fired anyone lately?