[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] FW: script kiddie own a cobalt? >was Cobalt RaQ4 Remote root exploit
- Subject: Re: [cobalt-security] FW: script kiddie own a cobalt? >was Cobalt RaQ4 Remote root exploit
- From: Jeff Lasman <jblists@xxxxxxxxxxxxx>
- Date: Mon, 09 Dec 2002 12:40:04 -0800
- Organization: nobaloney.net
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
"Michigan Connect, LLC" wrote:
> Have a question, I have had SolarSpeed install their firewall on two of our
> cobalts both RAQ4r's, should we be ok or are we still vuln to this SHP HACK?
The SolarSpeed Security Package and the Sun Cobalt SHP address
completely different ways of securing a RaQ. They were meant to be
complementary. You SHOULD remove the SHP, even if you've got the
SolarSpeed Security Package installed.
As Michael Stauber has pointed out on his website, the only program he's
supplied that's affected by removing SHP is his SPAM-Filter. As he
writes on his website:
"So if you have our SPAM-Filter installed and install SHP Removal 2.0.1,
then you will lose the extra GUI functions which the SPAM-Filter
provides.
"In that case please email us and we will send you a self installable
PKG file which fixes this problem."
By "us" he means him, of course, not me.
Jeff
--
Jeff Lasman, nobaloney.net, P. O. Box 52672, Riverside, CA 92517 US
Internet & Unix/Linux/Sun/Cobalt Consulting +1 909 778-9980
Our jblists address used on lists is for list email only
To contact us offlist: "http://www.nobaloney.net/contactus.html";