At 18:10 13/03/02 +0000, you wrote: >Over the last 2 weeks we have had 6 Cobalts on our network HACKED!!! >One was even hacked then taken down to be reloaded on a saturday >afternoon and by the saturday night had been done again. They have been a >mixture of raq3 & 4's which have all been fully patched to the hilt and >with a few other security features added to the backend. WHAT'S GOING ON >WITH THESE THINGS!! > >Behind a firewall they are fairly safe ( but getting them to work in the >first place is a nightmare ), but without that security they are about as >safe as a drunk with a box of matches. A brand spanking new raq4 went on >to the network yesterday and by this morning it was about as useful as a >chocolate teapot. Someone had got root access, taken off the latest >patches and put his own version of SSH on the box. I am fully aware of a >stint last year when even a cobalt engineer told me that there had been a >spate of hacks that they didn't know how to fix!!!! > >Not that i expect too much of an answer from this email, but if there is a >group of people that should know about these issues it's the mailing list >and COBALT themselves. Does anybody at Cobalt ( sorry, i should say SUN ) >actually care!!! >
Maybe a packet sniffer on a local network, seems weird that the "HACKER" makes the box more expolitable by change the version of ssh on a box he has already hacked. thats what id be looking for Maybe im wrong Regards Brett >-- >Regards > >Steve Mansfield >Technical Manager >[EMAIL PROTECTED] >www.getreal.co.uk > >Real Data Services Ltd 117-119 Marlborough Road Romford Essex RM7 8AP >[Office] +44 [0] 1708 704433 [Fax] +44 [0] 1708 748859 [Mobile] +44 [0] >7973 864677 > >www.be-an-isp.com www.isdn4free.co.uk http://signup.getreal.co.uk > >**************************************************************************************** > > The information contained in this E-mail is confidential and solely for > the intended > addressee(s). Unauthorised reproduction, disclosure, modification, > and/or distribution > of this email may be unlawful. If you have received this email in error, > please notify > the sender immediately and delete it from your system. > > Real Data Services does not accept legal responsibility for the contents > of this message > if it has reached you via the Internet, as Internet communications are > not secure. > Any opinions expressed are those of the author and are not necessarily > endorsed by the > Real Data Services. > > Recipients are advised to apply their own virus checks to this message > on delivery. > >**************************************************************************************** > >_______________________________________________ >cobalt-security mailing list >[EMAIL PROTECTED] >http://list.cobalt.com/mailman/listinfo/cobalt-security _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
