Graeme Fowler wrote: [Remember that Security through Obscurity (ie. just using software to block accesses to your machine) is a bad thing, and you're far far better off ensuring that your services are not exploitable. Admittedly this is difficult on Cobalt boxes, since Cobalt have been renowned in the past for running slowly when it comes to releasing updates for vulnerable software versions. Hopefully with Sun in charge this will improve (although Sun haven't been the quickest off the mark at points in the past, either...)] Use Nessus now and again, from a remote machine, to check the status of your network. Patch your server, but only if you can't wait for Cobalt to react and you now what you are doing. Usually, an exploit is already 2-4 weeks old before getting to Bugtraq or Cert. Cobalt will add another 2 - 4 wees easily. -- MVG, Rob van Eijk _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
