[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-users] RE: SMB info on an Qube2 and Security Report
- Subject: [cobalt-users] RE: SMB info on an Qube2 and Security Report
- From: Rod Todd <rodd_todd_1999@xxxxxxxxx>
- Date: Wed Oct 4 02:53:00 2000
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
>Also Cobalt has a security problem with the Qube2
> They forgot to shadow the password file.
How do we fix this; i.e. what commands do we issue on
the file(s).
> To check this out, go in as admin either in
> ftp which is easier or telnet into the Qube and
> look at the passwd file.... I could say OOPS
> if I was a Cobalt tech (they did!!!)
What are we looking for when we look at he passwd
file; i.e. how do we know it is un-shadowed.
> More info on shadow passwords at
> www.bagpipes.net/security
Read your site, sorry to heard that there are still
ISP robber-barrons that use the local sherrif's
department to confiscate a user's computer when the
user states that the ISP's passwords are showing.
Mabye that still works in the "old world" of NY, but
that shit doesn't fly in Silicon Valley. If your
system is not secure you deserve to have users
complain about it without being halled off to jail.
> If your cube is used for users, do not allow
> cgi scripting for the end user and do not allow
> Telnet either.... until this problem is fixed.
> Be sure your ftp does not allow the end user
> to look around other than his/her home directory
> otherwise just pray until Cobalt fix this problem
Thank you !I suspected they screwed up when I saw
Windows machines
showing
the Qube2 as a 2800wg again:
My Qube2 shows that it's a 2800 in Windows explorer
too; is this a problem?
Warm Regards,
RT
__________________________________________________
Do You Yahoo!?
Yahoo! Photos - 35mm Quality Prints, Now Get 15 Free!
http://photos.yahoo.com/