[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] wish to Cobalt: suppressing "sensitive" information

Subject: Re: [cobalt-users] wish to Cobalt: suppressing "sensitive" information
From: Jeff Bilicki <jeff@xxxxxxxxxxx>
Date: Tue Sep 19 15:28:46 2000

> I agree, its NOT a good idea.  But neither is running software with an
> exploit available.  Patching the the software is the solution.  Also, there
> are many ways of fingerprinting a system, software, etc. not just based upon
> those messages.

The biggest argument for this is not whether or not 
it is a Cobalt system because Cobalt's port 81/444 admin 
server is a dead giveaway.  But whether or not the box is 
x86 or mips, since most remote root sploits use shell code.  If 
someone is smashing the stack and using the wrong shell code
they are going nowhere fast, and it might leave some
funk behind to aid in detection. 

Jeff-

Follow-Ups:
- RE: [cobalt-users] wish to Cobalt: suppressing "sensitive" information
  - From: Jerome Tytgat

Prev by Date: [cobalt-users] Qube2 - Restricting Access to Home Page
Next by Date: [cobalt-users] Can't log in as su when partition full
Previous by thread: RE: Re[3]: [cobalt-users] wish to Cobalt: suppressing"sensitive"information
Next by thread: RE: [cobalt-users] wish to Cobalt: suppressing "sensitive" information

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index