At 12:10 PM 3/13/2002, you wrote: >Over the last 2 weeks we have had 6 Cobalts on our network HACKED!!! >One was even hacked then taken down to be reloaded on a saturday >afternoon and by the saturday night had been done again. They have been a >mixture of raq3 & 4's which have all been fully patched to the hilt and >with a few other security features added to the backend. WHAT'S GOING ON >WITH THESE THINGS!! > >Behind a firewall they are fairly safe ( but getting them to work in the >first place is a nightmare ), but without that security they are about as >safe as a drunk with a box of matches. A brand spanking new raq4 went on >to the network yesterday and by this morning it was about as useful as a >chocolate teapot. Someone had got root access, taken off the latest >patches and put his own version of SSH on the box. I am fully aware of a >stint last year when even a cobalt engineer told me that there had been a >spate of hacks that they didn't know how to fix!!!! > >Not that i expect too much of an answer from this email, but if there is a >group of people that should know about these issues it's the mailing list >and COBALT themselves. Does anybody at Cobalt ( sorry, i should say SUN ) >actually care!!! > > >-- >Regards
Have you fired anyone lately? _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
