[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Am I missing something here
- Subject: Re: [cobalt-security] Am I missing something here
- From: David Lucas <david@xxxxxxxxxxxxxxxx>
- Date: Wed, 13 Mar 2002 22:10:46 -0600
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
At 12:10 PM 3/13/2002, you wrote:
Over the last 2 weeks we have had 6 Cobalts on our network HACKED!!!
One was even hacked then taken down to be reloaded on a saturday
afternoon and by the saturday night had been done again. They have been a
mixture of raq3 & 4's which have all been fully patched to the hilt and
with a few other security features added to the backend. WHAT'S GOING ON
WITH THESE THINGS!!
Behind a firewall they are fairly safe ( but getting them to work in the
first place is a nightmare ), but without that security they are about as
safe as a drunk with a box of matches. A brand spanking new raq4 went on
to the network yesterday and by this morning it was about as useful as a
chocolate teapot. Someone had got root access, taken off the latest
patches and put his own version of SSH on the box. I am fully aware of a
stint last year when even a cobalt engineer told me that there had been a
spate of hacks that they didn't know how to fix!!!!
Not that i expect too much of an answer from this email, but if there is a
group of people that should know about these issues it's the mailing list
and COBALT themselves. Does anybody at Cobalt ( sorry, i should say SUN )
actually care!!!
--
Regards
Have you fired anyone lately?