[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [2] [cobalt-users] Suggestion for Sun Cobalt Team
- Subject: RE: [2] [cobalt-users] Suggestion for Sun Cobalt Team
- From: flash22@xxxxxxx
- Date: Sat Feb 24 21:10:02 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
On Thu, 22 Feb 2001, Alex Lee wrote:
> > Many bought / leased a cobalt at a CoLo and it is very painful to do
> > a full restore for several reasons:
and...any data put on the machine since your last backup is lost email,
web form input....customer orders....
Even if you back the machine daily this could be a fair problem..
(and who backs up the mail q?)
> All valid points. Has anyone calculated the cost analysis of rebuilding the
> server from scratch (with a backup) vs hiring a internet security expert to
> audit your system and clean it?
It's cheaper to buy a new machine -/ I'm not kidding ...
Were talking good money for someone who truely knows what they are doing,
for probably 8-10 hours it will take just to be 'somewhat certain' the
machine is clean....
The problem tho, is there is no 'halfway' solution to allow data recovery
> If you fail to notify your users if you got hacked, then you put them in
> jeopardy if they had any confidential information stored or passed through
> your server. You also take the risk of encountering future problems as you
> cannot be certain if you eradicated all traces of the intruder(s).
Noone wants to talk about SSL keys...do you know how much of an
increadable PITA it is to revoke a cert??
> The good thing that came out of this past month is the increase in awareness
> of security issues in providing Internet services.
Along with a fair amount of bad publicity for cobalt/sun that probably
could have been handled better via some customer relations work...
>
> btw, the above message is my opinion entirely and does not reflect Sun
> Cobalt policy.
ditto...
gsh