RE: [cobalt-users] Cobalt to provide compensation for server hack?
- Subject: RE: [cobalt-users] Cobalt to provide compensation for server hack?
- From: "Tony" <isplists@xxxxxxxxxxxx>
- Date: Tue Feb 27 04:25:22 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
+Subject: [cobalt-users] Cobalt to provide compensation for server hack?
+
+One of our RAQ3 servers was a victim of the recent hack. Has anyone taken up
+the issue of compensation for this incident with Cobalt? Surely they must be
+liable as they failed to provide sufficient server protection. We had all
+patches loaded and security was still compromised.
+
+I would be interested to hear of any action that anyone has already taken,
+and/or your views, comments or criticism.

My Raq's were compromised by a ProFTP exploit. I did not see any mention
of the ProFTP exploit until Rene Hendrix sent out an RPM availability notice
on 2/8/01. No PKG has been released yet. The emphasis in that e-mail was on
BIND, which I had already patched so I missed the ProFTP way at the bottom
of the e-mail.

I've pulled dozens of IP's out of the secure logs that show repeated
30-second attempts to FTP login.

Just add this to the list of Cobalt's shortcomings as a Vendor.

Seems like it would not be that hard to design a feature into the Cobalt
GUI's with a "Patch Me" button that would automatically go fetch the latest
security updates packages and install them similar to Debian's apt-get
install command or the Storm Package Manager instead of making us
"appliance owners" go through the 15 kazillion hoops that is the present
security update 'system'.

So I wouldn't continue to wait for the ProFTP PKG---it's been a week.
Install the RPM's NOW.
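
The pattern the message describes, one address retrying FTP logins about every 30 seconds in the secure log, can be checked for with a short script. This is an added example, not part of the original post; the log line layout, the host name `raq3`, the user names and the addresses are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime
from statistics import median

# Constructed sample lines: the proftpd/syslog layout is an assumed format and
# the addresses come from the documentation range 192.0.2.0/24.
SAMPLE_LOG = """\
Feb 20 03:14:05 raq3 proftpd[2101]: raq3 (192.0.2.10[192.0.2.10]) - USER admin (Login failed): Incorrect password.
Feb 20 03:14:35 raq3 proftpd[2102]: raq3 (192.0.2.10[192.0.2.10]) - USER admin (Login failed): Incorrect password.
Feb 20 03:15:06 raq3 proftpd[2103]: raq3 (192.0.2.10[192.0.2.10]) - USER root (Login failed): Incorrect password.
Feb 20 03:15:35 raq3 proftpd[2104]: raq3 (192.0.2.10[192.0.2.10]) - USER root (Login failed): Incorrect password.
Feb 20 03:16:05 raq3 proftpd[2105]: raq3 (192.0.2.10[192.0.2.10]) - USER ftp (Login failed): Incorrect password.
Feb 20 08:30:00 raq3 proftpd[2240]: raq3 (192.0.2.50[192.0.2.50]) - USER site1: Login successful.
Feb 20 09:02:11 raq3 proftpd[2301]: raq3 (192.0.2.77[192.0.2.77]) - USER site2 (Login failed): Incorrect password.
Feb 20 11:40:52 raq3 proftpd[2388]: raq3 (192.0.2.77[192.0.2.77]) - USER site2 (Login failed): Incorrect password.
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s\S+\sproftpd\[\d+\]:.*?"
    r"\[(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\]\).*Login failed"
)

def repeated_ftp_attempts(log_text, year=2001, min_attempts=4, period=30, tolerance=5):
    """Return {ip: attempt_count} for sources whose failed FTP logins recur
    about every `period` seconds (median gap within `tolerance` seconds)."""
    seen = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        # syslog timestamps carry no year, so the caller supplies one
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        seen[m["ip"]].append(ts)
    flagged = {}
    for ip, stamps in seen.items():
        if len(stamps) < min_attempts:
            continue  # an occasional mistyped password is not a pattern
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        if abs(median(gaps) - period) <= tolerance:
            flagged[ip] = len(stamps)
    return flagged

if __name__ == "__main__":
    for ip, count in repeated_ftp_attempts(SAMPLE_LOG).items():
        print(f"{ip}: {count} failed FTP logins at ~30 s intervals")
```

Using the median gap keeps a single delayed retry from hiding an otherwise regular source; the regular expression needs adjusting to the actual line format in the log being examined.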