[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] RaQ patching and security

Subject: Re: [cobalt-security] RaQ patching and security
From: Jerry Kemp <cobalt@xxxxxxxxxxx>
Date: Thu, 21 Mar 2002 14:42:28 -0600
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

On Thursday, March 21, 2002, at 12:04  PM, John Brownlee wrote:



	Cobalt's need to be brought up to the response time Sun gives their
larger iron. I would like patches from Cobalt proper within 24 hours of
an announced vulnerability.


What gives you the impression that Sun responds to their big iron
any quicker??  I have been working with (true) Sun equipment since
1995 on low end LX's and IPX's all the way up to E10000's.  One of
the first things I do to any Sun system exposed to the internet is
to disable un-necessary services and then to replace Sun's binaries
with the latest open source replacements.  Exposed services typically
will include ftp, sendmail, DNS (bind), etc.  Sun is almost always
very far behind in the versions of software on Solaris, even fully
patched.

>> much deleted here



Jerry

References:
- [cobalt-security] RaQ patching and security
  - From: John Brownlee

Prev by Date: Re: [cobalt-security] RaQ patching and security
Next by Date: Re: New kernel (Was: [cobalt-security] SUN don't care about securityupdate ?)
Previous by thread: Re: [cobalt-security] RaQ patching and security
Next by thread: [cobalt-security] Re: lack of SUN's security patches

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index