[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cobalt-users] Security Alert on MIPS based Cobalt Servers
- Subject: RE: [cobalt-users] Security Alert on MIPS based Cobalt Servers
- From: "Scott Rader" <slr@xxxxxxxxx>
- Date: Mon Oct 9 16:45:32 2000
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
> From: cobalt-users-admin@xxxxxxxxxxxxxxx
> [mailto:cobalt-users-admin@xxxxxxxxxxxxxxx]On Behalf
> Of Franklin S. Werren
> Sent: Friday, October 06, 2000 5:48 PM
>
> If you leave port 81 open to the net and use a MIPS
> based Cobalt server, Raq 1 and 2? Qubes etc...
> you may leave yourself open to compromises....
>
> I did not find it on a Intel base RAQ3i
> I did not check a RAQ 2 but I suspect it is the same
>
> Try this www.yourdomain.com:81./cobalt
> www.yourdomain.com:81/.cobalt/install
> www.yourdomain.com:81/cobalt/siteManage
> others are <snipped>...
>
> You can use any Cobalt Domain....
> Not just the Main domain but virtual domains
>
> I found it on my Qube 2...Real Cute!!!
> I do not let port 81 to connect outside my LAN.
> so I have access to all the port 81 admin functions
>
> I like my Qube but I think Cobalt has been real sloppy
> with a proven OS like RedHat Linux.
>
> I do not know how to fix this yet.....
Amazing... On my Qube 2, I copied the .htaccess from
/home/groups/home/private into the .cobalt directory and now get
prompted for password access. I would appreciate comments on this
quick solution (read hack)... -Scott.