[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cobalt-users] Re:Apache Chunked Vulnerability and Cobalt servers
- Subject: RE: [cobalt-users] Re:Apache Chunked Vulnerability and Cobalt servers
- From: "Peter Masloch" <peter@xxxxxxxxxxx>
- Date: Fri Jun 21 18:21:17 2002
- Organization: EasyniX Consulting
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
That is how server are getting compromised,
Admins don't install updates/upgrades.
Also the Hacker is reading security advisors and know
that not everybody is updating his server.
It is not always a script kiddie. In my experience, (yes,
i do network security analysis and auditing) many times
it is an ex-employee, ex-customer or your competitor. Gov.
Agencies also hiring Hacker for certain jobs but i think this
will not apply for the Web Hosting business.
The script kiddies are on the end of the line and in most cases
more harmless since they don't know how to destroy evidence from
the break in or even spoof there identity.
Peter
>At 11:22 AM -0400 6/21/02, Chad is rumored to have typed:
>
>> Psych 101 - Never underestimate the power of denial...
>
> I, for one, am not in denial. I also refuse to jump
>up-and-down screaming
>that the sky is falling. Panic isn't any better than denial -
>neither are
>productive, both cause more trouble than you had originally.
>
>> Anyone who owns anything with a Cobalt tag on the
>> front panel, *IS* vulnerable to the Apache issue...!
>
> And about six bazillion _other_ issues. This whole DoS
>thing is terrible,
>of course, but geez, guy, there are about a gadzillion _other_ ways of
>generating DoS attacks, distributed viral attacks being _much
>more_ of a fear
>than this. There are _much_ easier pre-packaged rootkits your Cobalt is
>succeptable to. There are hundreds of ways for a script kiddie
>to take over
>your machine and install his IRC bot on it. The Apache
>advisory is certainly
>a security issue. It is NOT the end of the world, and you have
>other security
>risks in your Cobalt that you don't even know about yet. So
>calm down, for
>heaven's sake. Next time you feel the need to hit the
>exclaimation point a
>few times, think long and hard about it first.
>
>> If you want to do something, start shaking the
>> Cobalt/SUN tree and demand if/when they plan on
>> releasing updates to Apache for their products, as
>> Apache has already released 1.3.26 to address this
>> issue two days ago...!!
>
> Actually, if you want to do something _productive,_ stop
>shaking trees (or
>fists) and ask politely if anything is being done to deal with
>this issue.
>Has anyone bothered to actually contact anyone at Sun and ask
>if there's
>anything in the works? Or are we all too busy running around in little
>circles bemoaning how unfair life is?
>
> Of course, you always have the option of installing 1.3.26 on your
>Cobalts, if you'd like. Your GUI will likely break, but hey,
>let us know how
>it goes. I'll risk a DoS on this waiting for a security patch, thanks.
>
> Panic rarely solves _any_ problem. Screaming even fewer.
>
> Charlie
>
>
>_______________________________________________
>cobalt-users mailing list
>cobalt-users@xxxxxxxxxxxxxxx
>To Subscribe or Unsubscribe, please go to:
>http://list.cobalt.com/mailman/listinfo/cobalt-users
>
>