
RE: [cobalt-users] Cobalt to provide compensation for server hack?



On Tue, 20 Feb 2001, Dan Kriwitsky wrote:

} But,  the question is, is it Cobalt's fault? Or, is it the open source
} software they used? Or, is it their fault for not discovering the problems
} in BIND? With the number of RaQ servers being hacked, it's likely someone
} will sue and maybe it will get to a judge or jury to decide the fault.

	Cobalt's are not the only servers being targeted. Incident
reports have been rolling past virtually all of the security related
lists for the past few days. The unfortunate aspect of this is
that, as is usually the case in these situations, those who are
least prepared to deal with this kind of thing are the ones who are
being hit the hardest. In the Linux server world that means that
Red Hat powered systems and appliances such as Cobalt's are the
easiest and most popular targets for no other reason than a higher
percentage of inexperienced system admins run these systems - which
often translates into their simply having more exploitable services
as they're usually not kept as current as they should be.

	But that doesn't mean that old pros and other OSes are being
ignored, quite the contrary in fact.

	I put a fresh new Slackware powered server online yesterday.
It's already seen more than two dozen scans and someone is hammering
away at what I believe to be an attempted FTP exploit as I write
this.  Just a few moments ago I chatted with a friend/client who's
having a network guru set up a firewall right now to protect his
network from a SYN Flood.

	The simple fact is that the only secure server is a server
which is still in its original box. If a box can't be cracked it
can be brought to its knees in various ways.

	Truth be told, we're outgunned and usually outclassed. In the
best case all one can do is give it their best shot and hope that a
determined cracker who knows their stuff doesn't set their sights on
your box.

	That's really all there is to it.