On Wednesday 13 March 2002 01:10 pm, Steve Mansfield wrote: > Over the last 2 weeks we have had 6 Cobalts on our network HACKED!!! One > was even hacked then taken down to be reloaded on a saturday afternoon > and by the saturday night had been done again. They have been a mixture > of raq3 & 4's which have all been fully patched to the hilt and with a > few other security features added to the backend. WHAT'S GOING ON WITH > THESE THINGS!! > > Behind a firewall they are fairly safe ( but getting them to work in the > first place is a nightmare ), but without that security they are about > as safe as a drunk with a box of matches. A brand spanking new raq4 went > on to the network yesterday and by this morning it was about as useful > as a chocolate teapot. Someone had got root access, taken off the latest > patches and put his own version of SSH on the box. I am fully aware of a > stint last year when even a cobalt engineer told me that there had been > a spate of hacks that they didn't know how to fix!!!! > > Not that i expect too much of an answer from this email, but if there is > a group of people that should know about these issues it's the mailing > list and COBALT themselves. Does anybody at Cobalt ( sorry, i should say > SUN ) actually care!!!
I have had a lot of ssh protocol 1 scans You are running ONLY protocol 2 aren't you? And you are running 3.1p1 -- Gerald Waugh New Haven, Connecticut USA _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
