[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] Chkrootkit Showing "lkm" After Update

Subject: [cobalt-users] Chkrootkit Showing "lkm" After Update
From: Scott F <scott_falco@xxxxxxxxx>
Date: Thu Sep 6 06:25:18 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

>>RackShack probably doesn't have anything to 
>>do with either of these problems. 
>>They gave you the keys to a server. 

And left the door open with the keys in the ignition
and the engine running.

My original post stated Portsentry was "off" as was
anything else that might be binding to any open port. 


The point I was making is that I didn't appreciate
having a box brought back online after 24 hours
downtime, and not having all the current security
patches installed before bringing it back to the wild.
IMHO, that's not very prudent given how fast/easy it
is to get ahold of a box that has known/public
exploits (e.g., telnet issue for one, and having
telnet on by default). As a customer, taking
possession of a fresh OS (within the hour of it going
online), then spending the next several hours patching
and trying to build back-up the wall, it really stinks
to then find LKM warnings from chkrootkit. That's a
lot of time wasted out of my busy day. But like I
said, this is a test box. My production boxes are in a
rack on the other side of the country at an NOC that
would never bring a box online without all the
security goodies, so no real harm done. :-)

Cheers!
Scott

__________________________________________________
Do You Yahoo!?
Get email alerts & NEW webcam video instant messaging with Yahoo! Messenger
http://im.yahoo.com

Prev by Date: Re: [cobalt-users] Another Qube2 Question
Next by Date: [cobalt-users] RaQ4 MySQL Lost root password
Previous by thread: Re: [cobalt-users] Chkrootkit Showing "lkm" After Update
Next by thread: [cobalt-users] PHP 4.0.6 for RaQ4 released

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index