Re: [cobalt-security] Results of Forensics Examination of Compromised RaQ 4

[jalvarez@xxxxxxxxxx]

I've a doubt, How can modify the max number of virtual sites in cobalt
raq4r?
are there any parameters that i can modify?
I have actually 366 virtual sites but i've a problem with it.

Thanks



                                                                                                                               
                    "Menno s mail list account"                                                                                
                    <lists@xxxxxxxxx>                Para:   cobalt-security@xxxxxxxxxxxxxxx                                   
                    Enviado por:                     cc:                                                                       
                    cobalt-security-admin@list.      Asunto:      Re: [cobalt-security] Results of Forensics Examination of    
                    cobalt.com                         Compromised RaQ 4                                                       
                                                                                                                               
                                                                                                                               
                    24-01-2003 12:47                                                                                           
                    Por favor, responda a                                                                                      
                    cobalt-security                                                                                            
                                                                                                                               
                                                                                                                               





Although this is useful, what the hell is Sun, and your "vulnerability
assessment team" doing with regards to vulnerabilities to RaQs found every
week??

Your email seems to suggest rather rudely that our RaQs are compromised due
to indadequate patching, rather than lack of any patches from Sun.

IMHO there is absolutely no support from Sun regarding recent
vulnerabilities. Often any packages they release to address issues are
weeks if not months too late. In that precious time our RaQs could be
compromised, if it were not for the great advice given on this list on how
to manually patch these problems. In fact the only package support we seem
to get half the time comes from the "unofficial" pkgmaster site.

I have in the past recommended Sun RaQs, but over the last two years have
increasingly recommended standard linux distros, mainly because patches for
vulnerabilities are available much sooner.

Perhaps every Linux person in Sun is working on Madhatter, and doesnt give
a toss about current customers :(

Menno

24/01/2003 14:08:06, Charles Smith <charles.smith@xxxxxxx> wrote:

>
>
>  From:   Charles Smith <charles.smith@xxxxxxx>
>  To:     cobalt-security <cobalt-security@xxxxxxxxxxxxxxx>
>
>  Cc:     Columbus Staff <csabu-cmh-staff@xxxxxxxxxxxxxxx>, Tony Placilla
>          <anthony.placilla@xxxxxxx>
>  Subject:[cobalt-security] Results of Forensics Examination of
Compromised
>          RaQ 4
>  Date:   Fri, 24 Jan 2003 09:08:06 -0500
>
>
>  Recently my was asked to assist in determining
>  the root cause of a compromise of a customer's RaQ 4 that was alleged to
be
>  totally patched. Upon investigation, a summary of which appears below,
it
>  was determined the appliance had actually been compromised prior to
being
>  properly patched and had not been thoroughly eradicated after detection
of
>  the compromise thus negating any subsequent patching effort.
_______________________________________________
cobalt-security mailing list
cobalt-security@xxxxxxxxxxxxxxx
http://list.cobalt.com/mailman/listinfo/cobalt-security