FW: [cobalt-users] Cobalt to provide compensation for server hack?
- Subject: FW: [cobalt-users] Cobalt to provide compensation for server hack?
- From: "Tony" <isplists@xxxxxxxxxxxx>
- Date: Fri Feb 16 13:22:09 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
Why are 3 out of 5 inbound replies bouncing around for hours
before being delivered to the list, if at all?
-----Original Message-----
From: Tony
Sent: Friday, February 16, 2001 12:43 PM
To: cobalt-users@xxxxxxxxxxxxxxx
Subject: RE: [cobalt-users] Cobalt to provide compensation for server hack?
+Subject: [cobalt-users] Cobalt to provide compensation for server hack?
+
+
+One of our RAQ3 servers was a victim of the recent hack. Has anyone taken up
+the issue of compensation for this incident with Cobalt? Surely they must be
+liable as they failed to provide sufficient server protection. We had all
+patches loaded and security was still compromised.
+
+I would be interested to hear of any action that anyone has already taken,
+and/or your views, comments or criticism.
My RaQs were compromised by a ProFTP exploit. I did not see any mention
of the ProFTP exploit until Rene Hendrix sent out an RPM availability notice
on 2/8/01. No PKG has been released yet. The emphasis in that e-mail was on
BIND, which I had already patched, so I missed the ProFTP way at the bottom
of the e-mail.

I've pulled dozens of IPs out of the secure logs that show repeated
30-second attempts to FTP login.

Just add this to the list of Cobalt's shortcomings as a Vendor.

Seems like it would not be that hard to design a feature into the Cobalt
GUIs with a "Patch Me" button that would automatically go fetch the latest
security update packages and install them, similar to Debian's apt-get
install command or the Storm Package Manager, instead of making us
"appliance owners" go through the 15 kazillion hoops that is the present
security update 'system'.

So I wouldn't continue to wait for the ProFTP PKG---it's been a week.
Install the RPMs NOW.