Jeff Bilicki wrote:

> Suggestions:
> - When importing with CMU use the -p option so all the passwords will be
> changed, also change the default password in /etc/cmu/cobaltBase.xml
> (userPasswd).

Thanks for some great suggestions, Jeff. I'm a bit confused over what the -p option does <frown>. Does it change all passwords to the value of userPasswd? I'll offer that as something for my client to deal with.

> - Disable all cgi, ssi, asp, jsp, fpx or any other scripting language.

Another great idea. I suppose we can start in this mode, but most of the sites on this system are FP <frown>.

> - Run a sniffer detector on your network, to make sure he/she hasn't hacked another
> box and is using it to sniff passwords.
> http://www.securiteam.com/tools/2GUQ8QAQOU.html

We've checked our systems for "promiscuous" mode and do so on a regular basis already.

> - Put your own sniffer on the same subnet and log all traffic to the box.

That's a bit beyond me at the moment; I have a book I'll look it up in. Good idea, though I'm not sure I'm the one who wants to wade through the logs <wry grin>.

Again, thanks!

Jeff
--
Jeff Lasman <[EMAIL PROTECTED]>
Linux and Cobalt/Sun/RaQ Consulting
nobaloney.net
P. O. Box 52672, Riverside, CA 92517
voice: (909) 778-9980 * fax: (702) 548-9484
_______________________________________________
cobalt-security mailing list
[EMAIL PROTECTED]
http://list.cobalt.com/mailman/listinfo/cobalt-security
